On 03/31/10 01:46 PM, David Schwartz wrote:
Mark Phalan wrote:
Because it fixes the race when libraries are correctly checking to see
if the callbacks are already set before setting their own. It's a one
or
two line change to modify the mis-behaving libraries and new libraries
can take advantage of the new locking.
Two questions:
1) Are you suggesting that OpenSSL would report the callbacks *set* on
startup?
Yes.
2) Is there a significant amount of existing code that checks if
CRYTPO_get_locking_callback returns NULL and calls
CRYPTO_set_locking_callback only if it does?
I don't know.
If the answer to both of these questions is "yes", then your suggested fix
would work for that code. Then your suggested fix along with a new API for
new code to use might be the best solution.
Yes and at least library developers can be told there is a way to make
their code MT-safe (safely).
-M
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
