James Browning said:
> OpenSSL *seems* to be annoyingly non-reentrant
Could you please say more?
I poked around a bit. It seems to have a config option to enable pthread
support, so the first question is do the distros we run on configure it that
way? Are there problems beyond that?
I tried to make pthreads off-limits in seccomp when we built with
--disable-dns-lookup, but it blew up because libcrypto was calling
pthread_init.
ldd /usr/lib64/libssl.so
linux-vdso.so.1 (0x00007fff439fc000)
libcrypto.so.1.1 => /lib64/libcrypto.so.1.1 (0x00007fd9a7520000)
libz.so.1 => /lib64/libz.so.1 (0x00007fd9a7506000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007fd9a7500000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fd9a74de000)
libc.so.6 => /lib64/libc.so.6 (0x00007fd9a7318000)
/lib64/ld-linux-x86-64.so.2 (0x00007fd9a78b1000)
$
ldd /usr/lib64/libcrypto.so
linux-vdso.so.1 (0x00007fffe3f99000)
libz.so.1 => /lib64/libz.so.1 (0x00007fedccae3000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007fedccadd000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fedccabb000)
libc.so.6 => /lib64/libc.so.6 (0x00007fedcc8f5000)
/lib64/ld-linux-x86-64.so.2 (0x00007fedccdf8000)
$
--
These are my opinions. I hate spam.
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
