[openssl-dev] [openssl.org #2293] OpenSSL dependence on external threading functions is a critical design flaw

Florian Weimer fweimer at redhat.com
Mon May 4 09:59:09 UTC 2015


On 09/03/2014 11:50 PM, Rich Salz via RT wrote:
> We're going to try to clean up the threads situation post-1.0.2, but closing
> this particular ticket.

Can you at least change the FAQ to make sure that OpenSSL is *not*
thread safe by default?  Currently, it claims the opposite.

The error reporting library critically depends on working locking
functions.  You get strange results if you believe the FAQ that OpenSSL
is thread-safe, even if you do not use any objects across threads.

-- 
Florian Weimer / Red Hat Product Security

