[openssl-dev] About multi-thread unsafe for APIs defined in crypto/objects/obj_dat.c

Yun Jiang yun.jiang at realvnc.com
Wed Jan 24 12:37:48 UTC 2018 

Thanks!

The problem is that I need to get a customized certificate extension based on an OID. Until now, I cannot find a solution without dynamically calling OBJ_create(OID, NULL. NULL).


Yun



From: openssl-dev [mailto:openssl-dev-bounces at openssl.org] On Behalf Of Peter Waltenberg
Sent: 24 January 2018 01:23
To: Salz, Rich <rsalz at akamai.com>; openssl-dev at openssl.org
Subject: Re: [openssl-dev] About multi-thread unsafe for APIs defined in crypto/objects/obj_dat.c

It's also not that much of a problem in practice..
If you are using those API's you are adding new crypto. methods. Doing that after threading has started is not going to give good results with or without locking.

Peter




From:        "Salz, Rich via openssl-dev" <openssl-dev at openssl.org<mailto:openssl-dev at openssl.org>>
To:        "openssl-dev at openssl.org<mailto:openssl-dev at openssl.org>" <openssl-dev at openssl.org<mailto:openssl-dev at openssl.org>>
Date:        24/01/2018 11:19
Subject:        Re: [openssl-dev] About multi-thread unsafe for APIs defined in crypto/objects/obj_dat.c
Sent by:        "openssl-dev" <openssl-dev-bounces at openssl.org<mailto:openssl-dev-bounces at openssl.org>>
________________________________


  *   OpenSSL APIs, which makes the following OpenSSL documentation statement invalid (https://www.openssl.org/docs/man1.0.2/crypto/threads.html<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.openssl.org_docs_man1.0.2_crypto_threads.html&d=DwMFAw&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=ZS_kRxGa4vj0O6wqfY-6q7kwVT0WiIMkFqw1XWHym4o&s=GK3QtuXP-8j_1nbRihxeJGLAIYXt1BNIyh3WHP6EJlY&e=>)


  *   "OpenSSL can safely be used in multi-threaded applications provided that at least two callback functions are set, locking_function and threadid_func."


  *   Is there any planning to fix this issue?


Well, the most likely fix is to make the “safely” wording be more vague, which I doubt you’ll like.  But I doubt anyone on the team has much interest in fixing 1.0.2 locking issues.--
openssl-dev mailing list
To unsubscribe: https://urldefense.proofpoint.com/v2/url?u=https-3A__mta.openssl.org_mailman_listinfo_openssl-2Ddev&d=DwICAg&c=jf_iaSHvJObTbx-siA1ZOg&r=K53ZTnW2gq2IjM1tbpz7kYoHgvTfJ_aR8s4bK_o2xzY&m=xEO93f-eFk98ZtSS2VW5oQoqCSoxBFAun8n0dZayTrs&s=9NZPKi5lqIGH6Jq4RqlHOiKqzuqUqZQMEQvpBr3aKsw&e=


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20180124/c7c584b2/attachment-0001.html>

More information about the openssl-dev mailing list