In message <[EMAIL PROTECTED]> on Mon, 09 Dec 2002 11:17:07 +0000, Bertie <[EMAIL PROTECTED]> said:
bertie> The patch fixed the CRYPTO_get_new_dynlockid() bug. Maybe bertie> CRYPTO_lock could also be made safer when called with an bertie> invalid lockid, do you think it should assert rather silently bertie> do nothing ? That makes sense. OK, I'll add an OPENSSL_assert() just after the fetch of the pointer in there. bertie> My mod_ssl callback implementation was also broken because I bertie> was using a global apr_pool_t variable to pass in to bertie> apr_thread_mutex_create() in my dyn_create_callback bertie> function. This doesn't work in a multi-process, multi-threaded bertie> environment. bertie> It would be good for CRYPTO_set_dynlock_create_callback() to bertie> take an app defined structure which gets returned to the bertie> caller in ssl_util_dyn_create_function(). So something like: bertie> bertie> struct CRYPTO_dynlock_value *dyn_create_function(struct bertie> CRYPTO_dynlock_context *context, const char *file, int line) bertie> void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_context bertie> *context, bertie> struct CRYPTO_dynlock_value *(*dyn_create_function)(struct bertie> CRYPTO_dynlock_context *context,const char *file, int line)) Could actually just be a void*, since the OpenSSL routines wouldn't care at all about the value of the pointer. Of course, that would require some casting, but in this case, I don't see that as a problem (and we pass void* for user data to most of our callbacks today anyway). I'll ponder that. I understand the use, it's just that this close to a final beta release, I'm quite reluctant to add new functionality... bertie> BTW: You never replied to the mail with subject "Requiring bertie> multithreaded apps to provide dynamic locking upcalls" was bertie> this because you agreed with it :-) Not really. It's more like "haven't quite had the time to really read it, have marked it for later processing"... I will respond to one small part, however: you're suggesting breaking the API for 0.9.7. However, we're at the end of the release cycle, and making such a break is a rather large effort, and would basically mean that the release cycle would start over. Therefore, I must say that it won't happen for 0.9.7. I'll ponder over this for 0.9.8. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]