Hello again, On Thu, Apr 30, 2009 at 12:10 AM, Daniel Stenberg <[email protected]> wrote:
> On Wed, 29 Apr 2009, Matt Veenstra wrote: > > Removing the seed call (which I assume is used for the salt) solves the >> crash. Should the seed be set in curl_global_init()? >> > > I find no OpenSSL docs that claim those random functions aren't thread-safe > so it seems thet should be possible to use like this. Although I think that > if the problem persists it might be a good idea to take it up with the > OpenSSL devs as welll to see if they have anything wise to add to this. > > The seed cannot easily be set in curl_global_init() mostly due to how our > API is: it features several options that influence the seeding and they are > set on a per-easy handle basis. > > I would also suggest that you try with a very recent libcurl as well to see > if that too repeats the problem just to make sure you're not hunting ghosts! > I finally had the time to rebuild and try with the most recent stable versions and the crash still exists. I am using libcurl 7.19.4 and openssl 0.9.8k. The crash still happens. Does libcurl have any simple global lock/mutex we can wrap around these calls as a fix? They do not take very long and in a perfect world would only be called once per thread. My fix today is to NOT seed OpenSSL. I do this by modifying libcurl. I of course could write my own very simple lock as well. I will also start a conversation with the openssl list. Thanks for any other ideas, Matt
