As long as calling the openssl initialization functions multiple times
doesn't hurt. I have other libraries in my application with libssh2 that
also make calls to openssl initialization functions.
Also, from the openssl_add_all_ciphers man page: "Calling
OpenSSL_add_all_algorithms() links in all algorithms: as a result a
statically linked executable can be quite large. If this is important it is
possible to just add the required ciphers and digests." We should take care
to not add extra ciphers that are not ever needed by ssh.
Just FYI, my application has on occasion launched around 16 sftp threads
with 2 ssh exec threads going on at the same time, and the only problem I
have ever had was a bug in the version of OpenSSL I was using at the time.
Neil
-----Original Message-----
From: Jean-Louis CHARTON [mailto:Jean-Louis.CHARTON_at_oikialog.com]
Sent: Saturday, March 28, 2009 5:18 PM
To: libssh2-devel_at_lists.sourceforge.net
Subject: libssh2 in a multi threaded application
Is libssh2 designed to be used safely in a multi threaded program?
Parts of the code I've read thus far make me think the answer could is
yes.
However, I think I've found at least one non re-entrant peace of code in
openssl.c in _libssh2_rsa_new_private and _libssh2_dsa_new_private. I
mean
the code below :
if (!EVP_get_cipherbyname("des")) {
/* If this cipher isn't loaded it's a pretty good indication that none
are.
* I have *NO DOUBT* that there's a better way to deal with this
($#&%#$(%$#(
* Someone buy me an OpenSSL manual and I'll read up on it.
*/
OpenSSL_add_all_ciphers();
}
As far as I known, OpenSSL_add_all_ciphers is not thread safe. Actually,
it does
not mean OpenSSL can't be use in a multi threaded application. It just
means
special care have to be taken. A way is to call
OpenSSL_add_all_ciphers() or similar
functions like OpenSSL_add_all_digests() and
OpenSSL_add_all_algorithms() in the program
main thread early at program initialization.
So, could it be possible to have a special initialization function for
libssh2 library
that would do all the non re-entrant but necessary initializations one
could call early
in main before spawning new threads?
For example:
int libssh2_library_init(void)
{
/* If build with OpenSSL, add all ciphers. */
OpenSSL_add_all_ciphers();
/* Eventually, other initializations... (libgrcrypt maybe ?) */
...
}
then in main() :
{
if (libssh2_library_init() != 0) {
print some error;
exit(EXIT_FAILURE);
}
...
start other threads that make calls to libssh2 functions
}
BTW, this would make the code below
if (!EVP_get_cipherbyname("des")) {
/* If this cipher isn't loaded it's a pretty good indication that none
are.
* I have *NO DOUBT* that there's a better way to deal with this
($#&%#$(%$#(
* Someone buy me an OpenSSL manual and I'll read up on it.
*/
OpenSSL_add_all_ciphers();
}
unnecessary.
JL
----------------------------------------------------------------------------
-- _______________________________________________ libssh2-devel mailing list libssh2-devel_at_lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/libssh2-devel ------------------------------------------------------------------------------ _______________________________________________ libssh2-devel mailing list libssh2-devel_at_lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/libssh2-develReceived on 2009-03-29