Hi,
It is unsafe to access SSL context from 2 different threads. When you
call SSL_write function, the SSL context object state is changed.
Probably you can end up in case that data is not delivered to the peer.
Kris
On Tue, 2014-09-30 at 13:46 +, S P, Swaroop (NSN - IN/Bangalore)
wrote:
> H
[Top-posted because Outlook can't deal correctly with HTML email.]
> Is this safe?
No. There's a lot of state in the SSL object (which is not an "SSL context", in
OpenSSL terminology; the SSL_CTX object is an "SSL context"), and the SSL/TLS
methods' write functions do not serialize access to it
> From: Thomas Eckert [mailto:thomas.eck...@sophos.com]
> Sent: Tuesday, November 20, 2012 9:44 AM
>
> I am seeing lots of errors whose error message reads
> "S : 2851965808:error:14092105:SSL
> routines:SSL3_GET_SERVER_HELLO:wrong cipher returned:s3_clnt.c:963:"
> if I run it in at least severa
Hi Alain,
> >I would recommend you always watch the warnings. Some C compilers
> >downgrade fairly major problems to "Warnings".
>
> I'm not really familiar with handling void* pointers so I'm
> not sure how alarming these should be.
The first warning seems to be about the callback function b
Hello again and thank you for your replies
I'll probably do it that way too. My threads are defined in another
language and I'm pretty sure there is no way for my C module to be aware of
which user thread it is currently running in... so I have nothing
relevant to call CRYPTO_set_id_cal
Hello again and thank you for your replies
Mark wrote:
I would recommend you always watch the warnings. Some C compilers
downgrade fairly major problems to "Warnings".
I'd recommend the same thing to myself actually. These warnings are
generated by the code in th-lock.c (compiling under
Hello,
I'm trying to write an interface to OpenSSL using BIO pairs. For testing
purposes, I'm doing communication locally in two seperate threads (one
accessing a server context, the other a client context) so I figured I
should worry about thread safety. I read in the OpenSSL documentation
Hi Alain,
There is a good section in the O'Reilly Book about threading. See
Chapter 4.
If you haven't got this book then I will summerize. OpenSSL is thread
safe
only if you implement the static (and dynamic) locking callbacks. You
can find some examples from http://www.opensslbook.com/code.ht
> >Why would you go out of your way to create fragile code when you
> >could fix
> >this the right way in three or four minutes?
> If you don't use a "thread per request" model, it's a lot more than
> three or four minutes.
I don't see why you think that is. None of my code uses a 'threa
> Can I force this precalculation (caching) to take place after creating
> an RSA structure and before multiple threads use it (without doing an
> actual dummy-decryption)? If yes, would this suffice to avoid the race
> condition so that no locking is required?
Why would you go out of you
On Wed, Jun 02, 2004, Thomas Schuerger wrote:
> > > Hi,
> > >
> > > I have problems using the RSA_private_decrypt() function of the crypto
> > > library in parallel with *the same* (RSA *) structure. When using a
> > > single thread, decryption works flawlessly, when using two or more
> > > threa
On Fri, May 28, 2004, Thomas Schuerger wrote:
> > > I have problems using the RSA_private_decrypt() function of the crypto
> > > library in parallel with *the same* (RSA *) structure. When using a
> > > single thread, decryption works flawlessly, when using two or more
> > > threads in parallel, d
> > I have problems using the RSA_private_decrypt() function of the crypto
> > library in parallel with *the same* (RSA *) structure. When using a
> > single thread, decryption works flawlessly, when using two or more
> > threads in parallel, decryption mostly fails with PKCS errors.
> >
> > I tho
On Fri, May 28, 2004, Thomas Schuerger wrote:
> Hi,
>
> I have problems using the RSA_private_decrypt() function of the crypto
> library in parallel with *the same* (RSA *) structure. When using a
> single thread, decryption works flawlessly, when using two or more
> threads in parallel, decrypti
Cory Winter wrote:
> Hi,
>
> On Tue, Jan 09, 2001 at 09:20:04AM -0800, Geoff Thorpe wrote:
> > On Tue, 9 Jan 2001, Cory Winter wrote:
> >
> > > Anyway, I'm wondering if users are also expected to make the info callbacks
> > > thread safe? Don't get me wrong, I realize that this may sound like a s
ubject: Re: thread safety
jinwon,
I too was considering making a COM wrapper for openssl but have not got round to
starting it yet (and I believe I'm not the only one).
Would you be willing to share your code when finished or that we perhaps share some
tasks/work to even the load?
[EMAIL PROTECTED] (Colin Bradley):
> May I ask someone who is familiar with the degree of thread
> safety of the OpenSSL libraries to comment on it? I have been
> unable to find clear documentation on this aspect of the
> implementation, but noted that some of the libraries
> appear
17 matches
Mail list logo