Subject: Re: Thread safety issues

Re: Thread safety issues

From: Daniel Stenberg <>
Date: Mon, 30 Aug 2010 22:44:10 +0200 (CEST)

On Mon, 30 Aug 2010, Aris Adamantiadis wrote:

> The problem is that it's not sufficient, as Simon exposed, because some
> cryptographic primitives (PRNG) are not threadsafe themselves. This means
> that ssh_init() (and libssh2 equivalent) is not the only non-threadsafe
> function.

Then I think the explanation wasn't good enough. The PRNG you speak of that
needs proper protection and care is only done at initialization time.

> Since almost every packet sending requires random bytes, it's reasonable to
> say that any API calls that sends a packet is at risk.

As was already said OpenSSL and libgcrypt both needs their own functions
protected by mutex callbacks. So yes, if you use libssh2 multi-threaded you
need to set those callbacks (which is a layer violation as noted).

I know users who have used libssh2 very well for a very long time in a
multi-threaded environment so I'm positive it works as intended (and perhaps
not too surprisingly, we use the same approach to the SSL layer locking within
libcurl and yes that too works multi-threaded). Well, apart from the
occasional bugs of course.

Alas, we already use Simon's alternative #0 in libssh2. I'm not too fond of
alternative #1, but then there's no clear winner in this race... :-(

Received on 2010-08-30