Re: OpenSSL on Win = Thread Safety

2010-06-25 Thread Jakob Bohm
On 24-06-2010 19:25, Massimiliano Pala wrote: Hi all, I have a question for Win coders.. I am porting LibPKI, which is based on OpenSSL, to Win OSes. On UNiX OSes we used pthread to initialize support for threads in OpenSSL. What is the best practice for Win OS ? Does anybody have some sample

Re: OpenSSL on Win = Thread Safety

2010-06-25 Thread Jakob Bohm
On 24-06-2010 23:31, Jeffrey Walton wrote: Hi Massimiliano, If the locks need to be shared across processes, use a Mutex (the mutexes can be named for separate processes, or the mutex can be unnamed if Object Handle Inheritance is used (a flag to CreateProcess, which is similar to fork(2))).

Re: OpenSSL on Win = Thread Safety

2010-06-25 Thread Jeffrey Walton
Hi Jakob, Boy this is an argumentative list at times As a Win32 guy, I understand your the finer points you are making. Unfortunately, there are implicit assumptions that are being made which are undermining your arguments. Put another way, its the attacks which you *don't* know about which

Re: OpenSSL on Win = Thread Safety

2010-06-25 Thread Jakob Bohm
Read my post again, I did not say that NULL DACLs are not obviously dangerous (they are and have been deprecated since the mid 1990s). I said that a NULL SECURITY_ATTRIBUTES does not result in a NULL DACL but something much less dangerous. If you found a way to make the SRM assign a NULL DACL

Re: OpenSSL on Win = Thread Safety

2010-06-25 Thread Jeffrey Walton
Hi Jakob, I do agree with you that a NULL SecAttrib will get you a default descriptor. After sending the post (before you jumped on it), I wanted to preface the statement with some hand waiving. What constitutes a default descriptor is somewhat of a moving target when over the Windows OS's and

OpenSSL on Win = Thread Safety

2010-06-24 Thread Massimiliano Pala
Hi all, I have a question for Win coders.. I am porting LibPKI, which is based on OpenSSL, to Win OSes. On UNiX OSes we used pthread to initialize support for threads in OpenSSL. What is the best practice for Win OS ? Does anybody have some sample code around ? In particular, I am referring to

Re: OpenSSL on Win = Thread Safety

2010-06-24 Thread Jeffrey Walton
Hi Massimiliano, If the locks need to be shared across processes, use a Mutex (the mutexes can be named for separate processes, or the mutex can be unnamed if Object Handle Inheritance is used (a flag to CreateProcess, which is similar to fork(2))). Otherwise, use a CRITICAL_SECTION. The

Re: OpenSSL on Win = Thread Safety

2010-06-24 Thread Ger Hobbelt
On Thu, Jun 24, 2010 at 7:25 PM, Massimiliano Pala massimiliano.p...@dartmouth.edu wrote: Hi all, I have a question for Win coders.. I am porting LibPKI, which is based on OpenSSL, to Win OSes. On UNiX OSes we used pthread to initialize support for threads in OpenSSL. What is the best