After SSL_CTX is not only containing default settings but hash of sessions,
this seems to be thread safe using a locks.
```
SSL_CTX_add_session
CRYPTO_THREAD_write_lock(ctx->lock);
...
CRYPTO_THREAD_unlock(ctx->lock);
```
OpenSSL can be safely used in multi-threaded applications provided that support
for the underlying OS threading API is built-in. Currently, OpenSSL supports
the pthread and Windows APIs. OpenSSL can also be built without any
multi-threading support, for example on platforms that don't provide any
threading support or that provide a threading API that is not yet supported by
OpenSSL.
Not sure if there could be a pitfall for forking process, better keep the
default value as it is.
It seems another option, could be to copy only the X509_store
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/1585#issuecomment-404050785_______________________________________________
Kamailio (SER) - Development Mailing List
[email protected]
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-dev
