Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Tutorial on Using OpenSSL with pthreads [closed]

OpenSSL documents state that it can safely be used in multi-threaded applications provided that at least two callback functions are set, locking_function and threadid_func....

I've written programs which use OpenSSL API. Moreover, I know how to use pthreads. However, the OpenSSL documents are written in the form of a manual, and I can't see a step-by-step guide on what I have to do when using OpenSSL in a multi-threaded app.

Is there a tutorial on using OpenSSL with pthreads? (I searched the web, but no satisfactory result appeared.)

PS: I'm working in Debian Lenny & Ubuntu Lucid/Maverick.

PS2: OpenSSL includes a sample, but it's far too complicated to start with.

like image 805
M.S. Dousti Avatar asked Oct 12 '10 22:10

M.S. Dousti


1 Answers

Chapter 10 of the book The Definitive Guide to Linux Network Programming includes a section Thread-safe Programming with OpenSSL (on pages 255-259). This section details how OpenSSL and the pthreads library work. Specially, it tells how to setup the callback functions both in static allocation (where the number of threads are known a priori) and dynamic allocation (where threads are created and destroyed on the fly).

Another good source is Section 4.1 of the book Network Security with OpenSSL, titled Multithread Support. It provides static/dynamic allocation mechanisms in subsections 4.1.1 and 4.1.2, respectively.

Finally, there's the book Unix-Netzwerkprogrammierung mit Threads, Sockets und SSL, which is by far the most comprehensive one on the subject. Unfortunately, the English translation of this German book is not available.

Edit: The above references are now considered obsolete, as OpenSSL 1.1.0 changelog explains:

OpenSSL now uses a new threading API. It is no longer necessary to set locking callbacks to use OpenSSL in a multi-threaded environment. There are two supported threading models: pthreads and windows threads. It is also possible to configure OpenSSL at compile time for "no-threads". The old threading API should no longer be used. The functions have been replaced with "no-op" compatibility macros.

[Alessandro Ghedini, Matt Caswell]

This is further elaborated in OpenSSL blog post OpenSSL and Threads.

See also this issue on OpenSSL GitHub repository, which is open since 2017.

like image 89
M.S. Dousti Avatar answered Oct 31 '22 20:10

M.S. Dousti