Re: Openssl in multithreaded environment segfaults

Fri, 20 Feb 2004 16:16:54 -0800 

Changing the code to use one SSL_CTX per thread is a large
task because of the complexity of the whole system.

The initialization code is probably easier to look at:

I use:

extern pthread_mutex_t *ggsyscom_ssllock_cs;
extern long *ggsyscom_ssllock_count;

which are defined on the main.c file as global.

Then, there is an initialization function that gets call
at the beginning of main which has (among other things):

  int numlocks = 600;

  ggsyscom_ssllock_cs = OPENSSL_malloc(numlocks *
sizeof(pthread_mutex_t));
  ggsyscom_ssllock_count = OPENSSL_malloc(numlocks * sizeof(long));
  for(i=0; i<numlocks; i++) {
    ggsyscom_ssllock_count[i] = 0;
    pthread_mutex_init(&(ggsyscom_ssllock_cs[i]),NULL);
  }

  CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
  CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);

Note that I'm setting numlocks to 600 rather than its defined 
value just for testing.

And here is pthreads_locking_callback

static void pthreads_locking_callback(int mode, int type, char *file,int
line) {
  if (mode & CRYPTO_LOCK)
    {
      pthread_mutex_lock(&(ggsyscom_ssllock_cs[type]));
      ggsyscom_ssllock_count[type]++;
    }
  else
    {
      pthread_mutex_unlock(&(ggsyscom_ssllock_cs[type]));
    }
}

Thanks for the help,

Alberto


On Fri, 2004-02-20 at 17:54, FrÃdÃric Giudicelli wrote:
> I assume Stephen mentionned EVP_CIPHER_CTX because he wasn't sure which 
> "ctx" you were talking about.
> I can garantee you that shared SSL_CTX work fine, as long as the mutexes 
> are initialized the proper way.
> Did you try to use one SSL_CTX per thread to see if it worked ? If you 
> have a problem with this setup then it must be coming from your code, 
> and you might want to post your initialization code in the NG.
> 
> Regards,
-- 
Alberto Alonso                        Global Gate Systems LLC.
(512) 260-2523                        http://www.ggsys.net
Hardware, consulting, collocation, monitoring and remote backups
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to