CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
void CRYPTO_set_locking_callback(void (*locking_function)(int mode,
int n, const char *file, int line));
void CRYPTO_set_id_callback(unsigned long (*id_function)(void));
void CRYPTO_set_idptr_callback(void *(*idptr_function)(void));
/* struct CRYPTO_dynlock_value needs to be defined by the user */
void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
(*dyn_create_function)(char *file, int line));
void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
(int mode, struct CRYPTO_dynlock_value *l,
const char *file, int line));
void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
(struct CRYPTO_dynlock_value *l, const char *file, int line));
void CRYPTO_destroy_dynlockid(int i);
void CRYPTO_lock(int mode, int n, const char *file, int line);
#define CRYPTO_w_lock(type) \
#define CRYPTO_w_unlock(type) \
#define CRYPTO_r_lock(type) \
#define CRYPTO_r_unlock(type) \
#define CRYPTO_add(addr,amount,type) \
OpenSSL can safely be used in multi-threaded applications provided that at
least two callback functions are set.
locking_function(int mode, int n, const char *file, int line)
is needed to perform locking on shared data structures. (Note that OpenSSL
uses a number of global data structures that will be implicitly shared
whenever multiple threads use OpenSSL.) Multi-threaded applications will
crash at random if it is not set.
locking_function() must be able to handle up to
CRYPTO_num_locks() different mutex locks. It sets the n-th lock if mode &
CRYPTO_LOCK, and releases it otherwise.
file and line are the file number of the function setting the lock. They can be useful
id_function(void) is a function that returns a numerical
thread ID, for example
pthread_self() if it returns an integer
(see NOTES below). By OpenSSL's defaults, this is not needed on Windows nor
on platforms where
getpid() returns a different ID for each
thread (see NOTES below).
idptr_function(void) is a function that similarly returns a
thread ID, but of type void *. This is not needed on platforms where
&errno is different for each thread. OpenSSL assumes that
it is in the same thread iff both the numerical and the pointer thread ID
agree, so it suffices to define one of these two callback functions
Additionally, OpenSSL supports dynamic locks, and sometimes, some parts of
OpenSSL need it for better performance. To enable this, the following is
struct CRYPTO_dynlock_value has to be defined to contain whatever structure
is needed to handle locks.
dyn_create_function(const char *file, int line) is needed to
create a lock. Multi-threaded applications might crash at random if it is
dyn_lock_function(int mode, CRYPTO_dynlock *l, const char
*file, int line) is needed to perform locking off dynamic lock numbered n.
Multi-threaded applications might crash at random if it is not set.
dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int
line) is needed to destroy the lock l. Multi-threaded applications might
crash at random if it is not set.
CRYPTO_get_new_dynlockid() is used to create locks. It will
call dyn_create_function for the actual creation.
CRYPTO_destroy_dynlockid() is used to destroy locks. It will
call dyn_destroy_function for the actual destruction.
CRYPTO_lock() is used to lock and unlock the locks. mode is a
bitfield describing what should be done with the lock. n is the number of
the lock as returned from
CRYPTO_get_new_dynlockid(). mode can
be combined from the following values. These values are pairwise exclusive,
with undefined behaviour if misused (for example, CRYPTO_READ and
CRYPTO_WRITE should not be used together):
CRYPTO_num_locks() returns the required number of locks.
CRYPTO_get_new_dynlockid() returns the index to the newly
The other functions return no values.
You can find out if OpenSSL was configured with thread support:
// thread support enabled
// no thread support
Also, dynamic locks are currently not used internally by OpenSSL, but may
do so in the future.
id_function(void) has it's own issues. Generally
pthread_self() should be used, even on platforms
getpid() gives different answers in each thread, since
that may depend on the machine the program is run on, not the machine where
the program is being compiled. For instance, Red Hat 8 Linux and earlier
used LinuxThreads, whose
getpid() returns a different value
for each thread. Red Hat 9 Linux and later use NPTL, which is
Posix-conformant, and has a
getpid() that returns the same
value for all threads in a process. A program compiled on Red Hat 8 and run
on Red Hat 9 will therefore see
getpid() returning the same
value for all threads.
There is still the issue of platforms where
returns something other than an integer. It is for cases like this that
CRYPTO_set_idptr_callback() comes in handy. (E.g., call
malloc(1) once in each thread, and have
idptr_function() return a pointer to this object.)
crypto/threads/mttest.c shows examples of the callback functions on Solaris, Irix and Win32.
CRYPTO_set_id_callback() are available in all versions of
SSLeay and OpenSSL.
CRYPTO_num_locks() was added in OpenSSL
0.9.4. All functions dealing with dynamic locks were added in OpenSSL
CRYPTO_set_idptr_callback() was added in OpenSSL 0.9.9.