> thanks for the info and the background on JuiCE. Do you > (or somebody else on the list) know about the threading > issues you mentioned? What was the problem here?
Any safe use of OpenSSL needs to install proper locking and thread callbacks. It's not hard to do, it just needs to be done. The code for this is readily available in the Shibboleth project and other places. > I've looked into openSSL code and as far as I could see > there should be no threading issue. There may be a threading > issue if you use the same Digest/Crypto context data in > several threads - this I don't do because I allocate > the contexts on a per crypto/digest/signature instance. This isn't the kind of thing you risk. You can speculate about whether you need it or not, but the right thing to do is just install the callbacks. -- Scott
