apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frank <fr...@x09.de>
Subject Clever wrapper needed for making OpenSSL thread-safe
Date Sat, 17 Feb 2007 17:32:21 GMT

Hi,

some time ago I described an annoying problem I have with the usage of 
OpenSSLs crypto-functions in a multi-threaded environment on the 
Apache-mailinglist. Because the problem cannot be solved with the now 
available instruments I was given the advice to discus this problem on 
the APR-mailinglist, so that the APR-OpenSSL-guys are aware of that 
problem and might build the needed wrappers/functionalities. :-) (For 
the discussion see: 
http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=116535180024531&w=2)

And now my problem:
The OpenSSL-library offers more than just SSL and TLS: It is also a 
general purpose cryptography library! But there is a problem with the 
usage in a multi-threaded environment, because the OpenSSL-library is 
not thread-safe per se. Fortunately there is a 'trick' to make it 
thread-safe as stated in 
http://www.openssl.org/docs/crypto/threads.html#DESCRIPTION (and also 
noted on 
http://httpd.apache.org/docs/2.2/developer/thread_safety.html#liblist):

"OpenSSL can safely be used in multi-threaded applications provided that 
at least two callback functions are set."

This means two functions: 'CRYPTO_set_locking_callback' and 
'CRYPTO_set_id_callback'. And here starts my problem: It might be that 
another module already might have done this and there is no way to find 
it out! OK, there are functions like 'CRYPTO_get_locking_callback' and 
'CRYPTO_get_id_callback' to retrieve the information whether these 
callbacks have already been set or not, but that won't help (and 
additionally is a bad programming style)! See this scenario:

Currently the Apache-module mod_ssl is setting these two callbacks (in 
modules/ssl/ssl_util.c)! If that module is loaded and inited before mine 
it works, because the callbacks are set and I am able to determine this. 
If my module is loaded before mod_ssl is inited I have a problem! When I 
set the two callbacks and afterwards mod_ssl is doing this too, bad 
things might happen! (This is only one trivial example.)

OK, you might say that mod_ssl is wrong and it should first determine if 
the callbacks have been set before setting them, but then I (and 
possibly others) would argue, why everyone unnecessarily has to 
duplicate code? Why is there no API-call for 
'make-this-library-thread-safe-if-not-already-done'? Or why doesn't this 
happen magically/automatically when I use the 
'start-to-use-library'-call (e.g. inside apu_ssl_init)? (Especially as 
it might be not that trivial for every module-writer to set the 
callbacks with the correct thread-safe-making function-values for all 
availbale platforms!!)

What do you think?

Frank

P.S.: And in case you wonder what crypto-functions I want to use in 
OpenSSL: EVP_EncryptInit, EVP_EncryptUpdate, EVP_EncryptFinal, and 
especially EVP_CIPHER_CTX_init!

Mime
View raw message