[openssl-users] Lock for SSL_accept method

Matt Caswell matt at openssl.org
Thu Feb 8 10:50:53 UTC 2018

On 08/02/18 00:43, Yan, Bob via openssl-users wrote:
> I used a mutex lock to prevent the SSL_accept() method being called by
> multiple thread concurrently since it may get coredump if there is no
> lock on SSL_accept() method. I am just wondering is the lock is still
> needed for openssl 1.0.2e version?
>         mutex.lock();
>         int rt = SSL_accept(SslSessionObject);
>         mutex.unlock();

Hmmm. Well it depends what you mean exactly. The first question is: have
you set up the thread locking callbacks?


As long as you have done the above then SSL_accept() is thread safe in
as much as it can be called concurrently with different SSL objects
passed as a parameter.

It is never safe to call SSL_accept() concurrently with the *same* SSL
object passed as a parameter. If you want to call SSL_accept() from
multiple threads with the same SSL object then you would have to arrange
your own locking.


More information about the openssl-users mailing list