Alan Conway commented on PROTON-992:

We'll need an abstraction for "once", pthread_once won't work on windows. If 
we're considering non-portable options, GNU C also has per-process init 
functionality: https://gcc.gnu.org/onlinedocs/gccint/Initialization.html. I 
don't much like this route though, proton is supposed to be highly portable - 
can you use pthreads or Gnu C on Android? I don't know. A called-from-main 
init/final function is the tranditional (and AFAIK only portable) C way to 
handle this. I like that proton doesn't have global state and doesn't need to 
do this, but if we are going to rely on 3rd party libraries that lack that 
discipline I don't really see the choice.

As for the SASL lib - as I read it (I could be wrong) the dispose stuff only 
deals with sasl_conn_t state, not global state, so as long as you serialize per 
connection you're OK. I won't stake my life on this since I was reading the 
wrong version of the code the last time...

> Proton's use of Cyrus SASL is not thread-safe.
> ----------------------------------------------
>                 Key: PROTON-992
>                 URL: https://issues.apache.org/jira/browse/PROTON-992
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-c
>    Affects Versions: 0.10
>            Reporter: michael goulish
>            Assignee: michael goulish
>            Priority: Critical
> Documentation for the Cyrus SASL library says that the library is believed to 
> be thread-safe only if the code that uses it meets several requirements.
> The requirements are:
>     * you supply mutex functions (see sasl_set_mutex())
>     * you make no libsasl calls until sasl_client/server_init() completes
>     * no libsasl calls are made after sasl_done() is begun
>     * when using GSSAPI, you use a thread-safe GSS / Kerberos 5 library.
> It says explicitly that that sasl_set* calls are not thread safe, since they 
> set global state.
> The proton library makes calls to sasl_set* functions in :
>           pni_init_client()
>           pni_init_server(), and
>           pni_process_init()
> Since those are internal functions, there is no way for code that uses Proton 
> to lock around those calls.
> I think proton needs a new API call to let applications call 
> sasl_set_mutex().  Or something.
> We probably also need other protections to meet the other requirements 
> specified in the Cyrus documentation (and quoted above).

This message was sent by Atlassian JIRA

Reply via email to