[EXTERNAL] Re: Calling OpenSSL_thread_stop() multiple times

Thu Aug 24 08:42:48 UTC 2023

On 24/08/2023 09:28, Martin Bonner wrote:
> Yes, I read all that documentation.  I didn't interpret that as saying:
> "It is safe to call this OPENSSL_thread_stop(_ex) from DLLMain in
> response to DLL_THREAD_DETACH".
> 
> I think I was confused by the wording:
> "in response to a DLL_THREAD_DETACH message being sent to the
> libcrypto32.dll entry point"
> 
> Firstly, I thought the word "message" meant a WM_MESSAGE, and secondly,
> I didn't realize "libcrypto32.dll entry point" meant "DLLMain".
> 
> I think that quoted text would be better written as:
> "in response to the DLLMain for libcrypto32.dll being called with
> dwReason==DLL_THREAD_DETACH"
> 
> This does raise the question: if libcrypto is automatically calling
> OPENSSL_thread_stop(), why does Deepak B need to do so (but that is
> curiosity, not safety)?

This doesn't happen automatically if you link OpenSSL statically (on 
Windows). So if you link your *own* dll to OpenSSL statically then you 
might need to use this approach.

Matt

> 
> Finally:
>> OPENSSL_thread_stop() is used for freeing resources and I wouldn't
>> generally expect more complex processing to occur in it.
> 
> I wouldn't expect complex processing, but if some provider kept a
> count of threads using an auxiliary DLL, and did a FreeLibrary in
> OPENSSL_thread_stop if that call falls to zero, that would not be
> good.
> 
> 
> 
> Martin Bonner
> 
> 
> On 24/08/2023 08:38, Martin Bonner via openssl-users wrote:
> 
> OPENSSL_thread_stop() is used for freeing resources and I wouldn't
> generally expect more complex processing to occur in it.
> 
> If running on Windows and linking to OpenSSL dynamically then
> OPENSSL_thread_stop() is automatically called (the application does not
> need to do anything special). OpenSSL itself does this from DllMain and
> using DLL_THREAD_DETACH:
> 
> https://github.com/openssl/openssl/blob/84a149254f977f502dd2314169812fc6eae8c309/crypto/dllmain.c*L28-L44
> 
> The documentation for OPENSSL_thread_stop() does explicitly mention this:
> 
> "Resources local to a thread are deallocated automatically when the
> thread exits (e.g. in a pthreads environment, when pthread_exit() is
> called). On Windows platforms this is done in response to a
> DLL_THREAD_DETACH message being sent to the libcrypto32.dll entry point.
> Some windows functions may cause threads to exit without sending this
> message (for example ExitProcess()). If the application uses such
> functions, then the application must free up OpenSSL resources directly
> via a call to OPENSSL_thread_stop() on each thread. Similarly this
> message will also not be sent if OpenSSL is linked statically, and
> therefore applications using static linking should also call
> OPENSSL_thread_stop() on each thread. Additionally if OpenSSL is loaded
> dynamically via LoadLibrary() and the threads are not destroyed until
> after FreeLibrary() is called then each thread should call
> OPENSSL_thread_stop() prior to the FreeLibrary() call."
> 
> 
> 
> Matt
> 
> Any email and files/attachments transmitted with it are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.