Tomas Mraz, 2008-01-24:
So IMO what Paul Sheer is doing - disabling all locking in OpenSSL given
that there won't be any static and/or global variables in the OpenSSL
code called is 100% safe thing if the threads do not share any data
manipulated within the OpenSSL library.
As mentioned in
Paul Sheer, 2008-01-29:
Let's say you have 1600 clients. Let's say that you have 40 threads, and
each thread
handles 40 connections. Now let's say that each thread initializes it's own
SSL_CTX structure.
The SSL_CTX structure contains most of the data required for SSL
functionality.
Leandro Santi, 2008-01-29:
I won't argue with you about using the library in an
undocumented manner; but I *do* think it'd be interesting
to get some real quantitative data: we could use it as a
basis to discuss possible future library modifications,
more compatible with your requests.
One
John Parker, 2008-05-15:
It is already possible to use openssl and valgrind - just build OpenSSL
with -DPURIFY, and it is quite clean.
Actually on my system, just -DPURIFY doesn't satisfy valgrind. What
I'm asking for is something that both satisfies valgrind and doesn't
reduce the
Hi,
I think that there's a race with OpenSSL-0.9.8 updating the
new, post-0.9.7 shared mt_blinding object on a multithreaded
(MySQL-4.1 for instance) environment.
The proposed solution is to use an exclusive write lock while
invert()ing the blinding process. This guarrantees that the
update of
Christopher P. Masone, 2005-11-02:
So, I've recently upgraded to 0.9.8a. Before this, I was using 0.9.7h, and
things were working fine.
Now, I'm getting a library has no ciphers error the first time I call
SSL_CTX_new...despite the fact that I have called OpenSSL_add_all_algorithms()
Balazs Scheidler, 2006-03-31:
The problem with
the current situation is that everything _seems_ to work well, but
whenever load hits the application it crashes and it is not easy to
debug especially when one is looking for an error in his own code :)
IMHO, the sooner the problem is detected,