[gnutls-devel] [TLS] multiple clients in one process (was: Re: Deployment ... Re: This working group has failed)

Nico Williams nico at cryptonector.com
Sun Dec 1 03:46:51 CET 2013


On Saturday, November 30, 2013, Andy Lutomirski wrote:

> On Nov 30, 2013 6:03 PM, "Nico Williams" <nico at cryptonector.com>
> wrote:
> > Yes, nothing should fork() and try to use a non-async-signal-safe
> > interface on the child-side of the fork.
>
> Huh?  It should be entirely safe for a single-threaded program to open a
> TLS connection, close it, fork, and open another connection.
>
> The async-signal-safe-only thing applies to multithreaded programs only.
>

A program using a TLS library might be threaded unwittingly.  What if the
TLS library wants to parallelize, say, AES counter mode computation and
starts worker threads for doing it?

In a layered software case (involving complex plugins, say) you quickly
lose control over whether the process is threaded.

Nico
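
The concern in the message above, as an added example that is not part of the original post or of GnuTLS: a caller that believes it is single-threaded checks the kernel's view of the process before calling fork(). It assumes Linux with /proc mounted; `count_threads`, `guarded_fork`, `hidden_worker` and `probe_with_hidden_worker` are hypothetical names, and the worker stands in for a thread a library might start internally.

```c
/* Added example: Linux-only, assumes /proc is mounted. */
#include <dirent.h>
#include <pthread.h>
#include <stdio.h>
#include <unistd.h>

#define FORK_REFUSED ((pid_t)-2)

/* Count kernel tasks (threads) in this process; -1 if /proc is unavailable. */
static int count_threads(void) {
    DIR *d = opendir("/proc/self/task");
    struct dirent *e;
    int n = 0;
    if (!d) return -1;
    while ((e = readdir(d)) != NULL)
        if (e->d_name[0] != '.') n++;   /* skip "." and ".." */
    closedir(d);
    return n;
}

/* fork() only when exactly one thread exists. Advisory only: a thread may
 * still be started between the check and the fork. */
static pid_t guarded_fork(void) {
    return count_threads() == 1 ? fork() : FORK_REFUSED;
}

static pthread_mutex_t gate = PTHREAD_MUTEX_INITIALIZER;

/* Hypothetical stand-in for a worker thread started inside a library. */
static void *hidden_worker(void *arg) {
    (void)arg;
    pthread_mutex_lock(&gate);          /* parked until the caller unlocks */
    pthread_mutex_unlock(&gate);
    return NULL;
}

/* Try guarded_fork() while the hidden worker is alive; report thread count. */
static pid_t probe_with_hidden_worker(int *nthreads) {
    pthread_t t;
    pid_t r;
    pthread_mutex_lock(&gate);
    if (pthread_create(&t, NULL, hidden_worker, NULL) != 0) {
        pthread_mutex_unlock(&gate);
        return -1;
    }
    *nthreads = count_threads();
    r = guarded_fork();
    if (r == 0) _exit(0);               /* not expected: child leaves at once */
    pthread_mutex_unlock(&gate);
    pthread_join(t, NULL);
    return r;
}
```

Where the thread count cannot be trusted to stay at one, the child side of fork() should call only async-signal-safe functions until it calls exec.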