[openssl-users] Lock for SSL_accept method
Matt Caswell
matt at openssl.org
Thu Feb 8 10:50:53 UTC 2018
On 08/02/18 00:43, Yan, Bob via openssl-users wrote:
> I used a mutex lock to prevent the SSL_accept() method being called by
> multiple thread concurrently since it may get coredump if there is no
> lock on SSL_accept() method. I am just wondering is the lock is still
> needed for openssl 1.0.2e version?
>
>
>
> mutex.lock();
>
> int rt = SSL_accept(SslSessionObject);
>
> mutex.unlock();
Hmmm. Well it depends what you mean exactly. The first question is: have
you set up the thread locking callbacks?
https://www.openssl.org/docs/faq.html#PROG1
As long as you have done the above then SSL_accept() is thread safe in
as much as it can be called concurrently with different SSL objects
passed as a parameter.
It is never safe to call SSL_accept() concurrently with the *same* SSL
object passed as a parameter. If you want to call SSL_accept() from
multiple threads with the same SSL object then you would have to arrange
your own locking.
Matt
More information about the openssl-users
mailing list