Hi,

We're currently using OpenSSL 0.9.7 in a multi threaded CORBA application and are experiencing some problems implementing the locking and thread_id callbacks.

We're using 0.9.7 because it's required by other components of the application.

1) According to the FAQ, "an SSL connection may not concurrently be used by multiple threads". Does this mean that an SSL connection can be used by different threads provided access is limited to one at a time?

2) We've implemented the required locking and thread_id callbacks and we're getting into a deadlock. OpenSSL is aquiring a lock and not releasing it. Have there been any bug fixes to the static locking since 0.9.7d? We've looked at the change log and nothing is jumping out at us.

3) Our application opens multiple SSL connections. We call SSL_library_init() only once. However, we're calling CRYPTO_set_locking_callback and CRYPTO_set_id_callback for each connection, but always with the same function pointers. Is this correct?

Here's our locking function:

static void locking_function(int mode, int n, const char *file, int line) {
         static util::Mutex sslMutex;
         static std::vector<util::Mutex*> mutexVec;

         int numMutex = CRYPTO_num_locks();

         // Initialize our vector of locks only once
         if(mutexVec.size() == 0) {
           sslMutex.lock();
           for(int i = 0; i < numMutex; i++){
             mutexVec.push_back(new util::Mutex());
           }
           sslMutex.unlock();
         }

         // We're not checking if it's a READ or a WRITE lock/unlock
         if (mode & CRYPTO_LOCK) {
           mutexVec[n]->lock();
         } else {
           mutexVec[n]->unlock();
         }
     }

Thanks,
Chris

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to