Subject: Re: Thread safety issues

Re: Thread safety issues

From: Aris Adamantiadis <>
Date: Mon, 30 Aug 2010 22:35:52 +0200

Daniel Stenberg a écrit :
> On Mon, 30 Aug 2010, Aris Adamantiadis wrote:
>> I think libssh2 falls in the same trap and has to be aware of the
>> threading model used by the host application since it depends on
>> software which is inherently not threadsafe.
> No, libssh2 does not fall into that trap exactly because we already
> document that libssh2_init is not thread-safe so anyone who uses threads
> needs to take precautions. libssh2 does not have to be aware, as Simon's
> list of alteratives show although that is certainly one way to do it.
> The current approach we use is very common approach among libraries so I
> don't consider libssh2 any strange in this aspect. In fact, I would've
> expected the same or similar wording and limitation in libssh.
Hi Daniel,

We have the same wording. Our documentation tells that ssh_init()
should be called in the main thread, before threading starts.

The problem is that it's not sufficient, as Simon exposed, because some
cryptographic primitives (PRNG) are not threadsafe themselves. This
means that ssh_init() (and libssh2 equivalent) is not the only
non-threadsafe function. Since almost every packet sending requires
random bytes, it's reasonable to say that any API calls that sends a
packet is at risk.
Simon did a great job in describing the alternatives, and we're going
to implement #1 in libssh.

Received on 2010-08-30