A while ago, I was involved in a new project that gave me the chance to play with libSSL for a while, I did read some tutorials and studied some examples on the Internet; but when I was testing the actual source code, I found out that It was quite unstable; the software that I wrote acts unexpectedly as if It has its own mind and wound crash due to segmentation faults or memory violations unpredictably.
After tracing the actual source code of the OpenSSL library, I figured out a few interesting things that I would like to share.
- OpenSSL library could be build without multi-thread support; since most commercial software products are designed with multi-thread, please be sure to check if the library that you're using is build with multi-thread enabled.
- Even if you have enabled the multi-thread support, OpenSSL library is not thread safe right outside of the box, you have to implement two operations:
- first is a function that will return the current thread ID.
- the second is a function that will handle the mutex lock and unlock actuion.
- the two operation functions mentioned in the previous section should be introduced to the OpenSSL library by using some provided APIs like:
- CRYPTO_set_id_callback
- CRYPTO_set_locking_callback
沒有留言:
張貼留言