As long as calling the openssl initialization functions multiple times doesn't hurt. I have other libraries in my application with libssh2 that also make calls to openssl initialization functions.
Also, from the openssl_add_all_ciphers man page: "Calling OpenSSL_add_all_algorithms() links in all algorithms: as a result a statically linked executable can be quite large. If this is important it is possible to just add the required ciphers and digests." We should take care to not add extra ciphers that are not ever needed by ssh. Just FYI, my application has on occasion launched around 16 sftp threads with 2 ssh exec threads going on at the same time, and the only problem I have ever had was a bug in the version of OpenSSL I was using at the time. Neil -----Original Message----- From: Jean-Louis CHARTON [mailto:jean-louis.char...@oikialog.com] Sent: Saturday, March 28, 2009 5:18 PM To: libssh2-devel@lists.sourceforge.net Subject: libssh2 in a multi threaded application Is libssh2 designed to be used safely in a multi threaded program? Parts of the code I've read thus far make me think the answer could is yes. However, I think I've found at least one non re-entrant peace of code in openssl.c in _libssh2_rsa_new_private and _libssh2_dsa_new_private. I mean the code below : if (!EVP_get_cipherbyname("des")) { /* If this cipher isn't loaded it's a pretty good indication that none are. * I have *NO DOUBT* that there's a better way to deal with this ($#&%#$(%$#( * Someone buy me an OpenSSL manual and I'll read up on it. */ OpenSSL_add_all_ciphers(); } As far as I known, OpenSSL_add_all_ciphers is not thread safe. Actually, it does not mean OpenSSL can't be use in a multi threaded application. It just means special care have to be taken. A way is to call OpenSSL_add_all_ciphers() or similar functions like OpenSSL_add_all_digests() and OpenSSL_add_all_algorithms() in the program main thread early at program initialization. So, could it be possible to have a special initialization function for libssh2 library that would do all the non re-entrant but necessary initializations one could call early in main before spawning new threads? For example: int libssh2_library_init(void) { /* If build with OpenSSL, add all ciphers. */ OpenSSL_add_all_ciphers(); /* Eventually, other initializations... (libgrcrypt maybe ?) */ ... } then in main() : { if (libssh2_library_init() != 0) { print some error; exit(EXIT_FAILURE); } ... start other threads that make calls to libssh2 functions } BTW, this would make the code below if (!EVP_get_cipherbyname("des")) { /* If this cipher isn't loaded it's a pretty good indication that none are. * I have *NO DOUBT* that there's a better way to deal with this ($#&%#$(%$#( * Someone buy me an OpenSSL manual and I'll read up on it. */ OpenSSL_add_all_ciphers(); } unnecessary. JL ---------------------------------------------------------------------------- -- _______________________________________________ libssh2-devel mailing list libssh2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/libssh2-devel ------------------------------------------------------------------------------ _______________________________________________ libssh2-devel mailing list libssh2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/libssh2-devel
