Re: [openssl-users] Should I stop using locking callbacks in OpenSSL 1.1.0x ?
OpenSSL 1.1.0 *does not* go through the locking callbacks. They will never be called. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Should I stop using locking callbacks in OpenSSL 1.1.0x ?
Not to disagree of course, but you can always put printf's in your callbacks to confirm. CharlesSent from a mobile; please excuse the brevity. Original message From: "Salz, Rich via openssl-users" <openssl-users@openssl.org> Date: 4/13/18 3:22 PM (GMT-05:00) To: openssl-users@openssl.org Subject: Re: [openssl-users] Should I stop using locking callbacks in OpenSSL 1.1.0x ? Does this mean I can safely remove all usages of the above functions from my application code? I'd appreciate if someone could explain the above comment in a little more detail or confirm what I'm saying. Or has anyone else been in the same situation? Yes. Do not use the locking callbacks. OpenSSL uses system-native threads and locks now. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Should I stop using locking callbacks in OpenSSL 1.1.0x ?
* Does this mean I can safely remove all usages of the above functions from my application code? I'd appreciate if someone could explain the above comment in a little more detail or confirm what I'm saying. Or has anyone else been in the same situation? Yes. Do not use the locking callbacks. OpenSSL uses system-native threads and locks now. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Should I stop using locking callbacks in OpenSSL 1.1.0x ?
Hi all, I'm trying to migrate some application code from OpenSSL 1.0.1e to 1.1.0g. I keep seeing that the locking and threading callbacks I had used earlier (with CRYPTO_set_locking_callback and CRYPTO_set_id_callback respectively) now show up as "unused" during compilation. I checked https://www.openssl.org/blog/blog/2017/02/21/threads/ and it seems like OpenSSL is trying to ditch callbacks and use more native facilities. In 1.1.0g's crypto.h, CRYPTO_set_locking_callback is defined as a no-op, with the following comment: /* * The old locking functions have been removed completely without compatibility * macros. This is because the old functions either could not properly report * errors, or the returned error values were not clearly documented. * Replacing the locking functions with with no-ops would cause race condition * issues in the affected applications. It is far better for them to fail at * compile time. * On the other hand, the locking callbacks are no longer used. Consequently, * the callback management functions can be safely replaced with no-op macros. */ Does this mean I can safely remove all usages of the above functions from my application code? I'd appreciate if someone could explain the above comment in a little more detail or confirm what I'm saying. Or has anyone else been in the same situation? Thanks, Pratyush -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users