Hello OpenSSL. I know that thread safety in OpenSSL is a much discussed topic. I have read several GitHub issues[1], Stack Overflow threads[2], and I have read the blog paper[3] too.
However, I am still facing issues when I use `SSL_CTX` and `SSL` objects. I use `SSL_CTX` and `SSL` inside a threaded application. Threads are managed using pthread primitives. Basically, I create a `SSL_CTX`, and I fill it depending on the TLS method. At this point, the `SSL_CTX` is final. I never change it again. Then, I create n `SSL`s from the `SSL_CTX`, and I spawn n pthreads. Each pthread takes the ownership of a single `SSL`. Finally, each pthread is going to use its `SSL` object for establishing some TLS connections. `SSL` objects never get destroyed, instead I use `SSL_clear` for kind of recycling them. My question is: Is my app thread safe ? I wonder, because I am facing random null deref. If I create a `SSL_CTX` for each thread, everything is fine. Best regards, Thomas B. [1] https://github.com/openssl/openssl/issues/2165 <https://github.com/openssl/openssl/issues/2165> [2] https://stackoverflow.com/questions/40583314/ssl-new-thread-safe-or-not <https://stackoverflow.com/questions/40583314/ssl-new-thread-safe-or-not> [3] https://www.openssl.org/blog/blog/2017/02/21/threads/ <https://www.openssl.org/blog/blog/2017/02/21/threads/> NB: I'am using OpenSSL 1.1.1, from git.
