On Mon, Jan 21, 2008 at 09:24:34AM +0100, Tomas Mraz wrote: > On Sun, 2008-01-20 at 11:59 -0800, David Schwartz wrote: > > > I should be able to create a multithreaded application using > > > a non-multithreaded openssl build provided that I have an ssl > > > context per thread. > > > > Most definitely not. At a minimum, the definition of things like 'errno' and > > 'malloc' might be different between a multithreaded build and a > > non-multithreaded build. There is no supported way to combine multithreaded > > code and code that was not compiled to be multithreaded. > > > > It may happen to work, but that's a lousy way to make security-sensitive > > software. > > Definitely not true on gcc+glibc - there is no difference between > multithreaded and non-multithreaded _compilation_ (surely not for errno > and malloc).
In Debian we have a policy of compiling all libraries with -D_REENTRANT. As far as I know this was needed for LinuxThreads support. I'm not sure it's still needed since we switch to NPTL. There was a time when -D_REENTRANT had some effects, I'm not sure it still does. Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]