Bobby Krupczak wrote:
Hi!
The ORA Network Security with OpenSSL documents the few
stubs you need
to in order for openssl to work with pthreads as well as windows
threads. You can even download the example code from the net.
What is the link for the above ?
http://www.oreilly.com/catalog/openssl/
Yes, sorry I neglected to post the URL.
The book's website is:
http://www.opensslbook.com
The example code also includes code for generating your own keys,
and certs in C so you can imbed it in your own programs. (This
question comes up periodically on the mailing list)
The book is definitely worth owning.
The book may be worth owning but we need an immediate solution. I did
find the code in crypto/threads/mttest.c and do understand it, so I know
what needs to be done.
Our situation is that we are using OpenSSL from a single Windows DLL in
a multi-threaded Web Server application. The claim has been made by
others in my programming group that our use of OpenSSL has been in place
in a previous release of our product without noticable problems. We have
not implemented the equivalent code similar to mttest.c to protect
threads, nor have we put critical sections around our own use of OpenSSL
in the single Windows DLL to make sure only one thread uses OpenSSL at a
time. Our use of OpenSSL in our single DLL has been strictly in calls to
EVP_ and HMAC_ functionality, but these calls can obviously be made by
multiple threads of the web server application "simultaneously". Have we
just been lucky not to have experienced problems in the past, without
thread protection, or is it possible that the calls to the cryptographic
functions for EVP_ and HMAC_ actually do not need multi-threaded
protection as outlined in mttest.c ? Our own DLL which uses OpenSSL has
itself no global data structures which need protection.
BTW I am entirely in favor of providing the multi-threaded protection
outlined in mttest.c above, but I have to convince others that it is
absolutely needed else the inertia of others will just turn away from
this problem. So if you, as an OpenSSL expert, tell me that our use of
EVP_ and HMAC_ cryptographic functions needs multi-threaded protection,
else crashes could occur, I can pass this on to the other people
involved, since I can not enforce decisions although I am a C++
programming expert.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
