[openssl-dev] [openssl-team] Discussion: design issue: async and -lpthread
Nico Williams
nico at cryptonector.com
Mon Nov 30 17:12:24 UTC 2015
On Mon, Nov 23, 2015 at 11:56:54PM +0000, Viktor Dukhovni wrote:
> > It may be a good idea to rethink locking completely.
>
> There is some glimmer of hope in that as various libcrypto structures
> become opaque, the locking moves from application code into the
> library. For example, we now have (yet to be documented):
>
> X509_up_ref()
Ideally there would be very little locking in OpenSSL, and instead the
app would be responsible for most locking (if needed).
But that will be a lengthy transition, no? Maybe we'll need functions
by which to indicate that the app will be doing locking for specific
objects. Still, functions like RAND_bytes() that have no context object
will need locking, so new functions will be needed that take contexts so
as to minimize locking.
> Doing this requires a global review of the API, and filling in
> missing functions and documentation. :-(
Yes.
Nico
--
More information about the openssl-dev
mailing list