httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frank <fr...@x09.de>
Subject Re: Creating a thread safe module and the problem of calling of 'CRYPTO_set_locking_callback' twice!
Date Wed, 06 Dec 2006 06:58:27 GMT
Nick Kew wrote:
> On Tue, 05 Dec 2006 21:45:48 +0100
> Frank <frank@x09.de> wrote:
> 
> 
>>Hi,
>>I am developing a module (using OpenSSL) for apache 2.2.3 and wonder
>>how to make it thread safe.
> 
> 
> Is OpenSSL not thread-safe?

Yes and no. http://www.openssl.org/docs/crypto/threads.html says:

"OpenSSL can safely be used in multi-threaded applications provided that 
at least two callback functions are set."

... and that are 'CRYPTO_set_locking_callback' and 
'CRYPTO_set_id_callback'. (And these are 'global' callbacks! These are 
not callbacks I give as a parameter to an individual OpenSSL-function to 
make it called only inside the local scope of that particular function!)

> If it's not, how does mod_ssl deal with it?  And if it is, where's
> the problem?

I do not know what might happen if my module is calling the above two 
functions to set the callbacks while mod_ssl does so, too. If I tried it 
out everything seems to work, but this may be, because that callbacks 
are never get called or it happens in an environment where it makes no 
difference or it just works coz' I am a lucky guy or whatever....

>>So my question is:
>>- Should I call 'ssl_util_thread_setup' too and a (maybe) second call
>>to that function doesn't create problems?
> 
> 
> If that's a library initialisation function, call it at server startup.

But it calls things like 'apr_thread_mutex_create' and the two callbacks 
mentioned above... It's not a real library initialisation function! 
Especially because it didn't test for being already called... You see I 
am an extremely cautious guy. (Or call it coward.)

>>- Should there be a 'Someone_already_called_me_so_go_home'-Variable 
>>inside the function 'ssl_util_thread_setup' to prevent it from being 
>>called twice?
> 
> 
> What happens if it's called twice?  What does mod_ssl do?

Everthing seems to work, but maybe this is just luck. (See above.)

>>- Do I understand something wrong?
>>- What is the correct approach to solve this dilemma?
> 
> 
> My chapter 4 discusses thread-safety and external libraries.
> But I know nothing about OpenSSL, and I suspect you might be
> seeing a problem where none exists.

When the library opens I will take a look at it, but I suspect that your 
book will not help me in this case...


I am still confused about that topic...

Frank

Mime
View raw message