thread safety in gnutls [was: Re: Handshake and verification]
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Dec 9 17:34:57 CET 2009
On 12/09/2009 11:28 AM, lfinsto at gwdg.de wrote:
> Yes, it now works without locking the mutex (which I've removed entirely).
great.
> I'll try installing the newest version of the gcrypt library and removing
> the code for explicitly initializing the secure memory, but I won't be
> able to work on that today.
no worries. i think the gcrypt folks would rather that your app
explicitly initialized the secure memory anyway, rather than relying on
their default internal initialization.
the gcrypt NEWS file says:
Noteworthy changes in version 1.4.3 (2008-09-18)
------------------------------------------------
* Try to auto-initialize Libgcrypt to minimize the effect of
applications not doing that correctly. This is not a perfect
solution but given that many applicationion would totally fail
without such a hack, we try to help at least with the most common
cases. Folks, please read the manual to learn how to properly
initialize Libgcrypt!
Glad it's working for you now, anyway.
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 891 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20091209/9e9ded54/attachment.pgp>
More information about the Gnutls-devel
mailing list