An emerging issue with CUPS and other applications that use it has identified a critical design flaw in how OpenSSL supports multithreading.
Specifically, a multi-threaded application or library that uses OpenSSL must provide its own threading functions for OpenSSL to use. When both an application and a library (say, Firefox and libcups) both initialize and register their own threading functions, bad things happen and the application can crash. Pushing the responsibility of making OpenSSL thread-safe on the application is a bad design choice and needs to be fixed ASAP to allow cross-platform, multi-threaded applications to be developed safely. ________________________________________________________________________ Michael Sweet, Senior Printing System Engineer, PWG Chair ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
