aboutsummaryrefslogtreecommitdiffstats
path: root/doc/crypto/threads.pod
blob: dc0e9391dc206ade670d408cc0b8664cf7157090 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
=pod

=head1 NAME

CRYPTO_THREADID_set_callback, CRYPTO_THREADID_get_callback,
CRYPTO_THREADID_current, CRYPTO_THREADID_cmp, CRYPTO_THREADID_cpy,
CRYPTO_THREADID_hash, CRYPTO_set_locking_callback, CRYPTO_num_locks,
CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support

=head1 SYNOPSIS

 #include <openssl/crypto.h>

 /* Don't use this structure directly. */
 typedef struct crypto_threadid_st
         {
         void *ptr;
         unsigned long val;
         } CRYPTO_THREADID;
 /* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
 void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
 void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
 int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *));
 void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *);
 void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
 int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a,
                         const CRYPTO_THREADID *b);
 void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest,
                          const CRYPTO_THREADID *src);
 unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);

 int CRYPTO_num_locks(void);

 /* struct CRYPTO_dynlock_value needs to be defined by the user */
 struct CRYPTO_dynlock_value;

 void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
	(*dyn_create_function)(char *file, int line));
 void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
	(int mode, struct CRYPTO_dynlock_value *l,
	const char *file, int line));
 void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
	(struct CRYPTO_dynlock_value *l, const char *file, int line));

 int CRYPTO_get_new_dynlockid(void);

 void CRYPTO_destroy_dynlockid(int i);

 void CRYPTO_lock(int mode, int n, const char *file, int line);

 #define CRYPTO_w_lock(type)	\
	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
 #define CRYPTO_w_unlock(type)	\
	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
 #define CRYPTO_r_lock(type)	\
	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
 #define CRYPTO_r_unlock(type)	\
	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
 #define CRYPTO_add(addr,amount,type)	\
	CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)

=head1 DESCRIPTION

OpenSSL can safely be used in multi-threaded applications provided
that at least two callback functions are set, locking_function and
threadid_func.

locking_function(int mode, int n, const char *file, int line) is
needed to perform locking on shared data structures. 
(Note that OpenSSL uses a number of global data structures that
will be implicitly shared whenever multiple threads use OpenSSL.)
Multi-threaded applications will crash at random if it is not set.

locking_function() must be able to handle up to CRYPTO_num_locks()
different mutex locks. It sets the B<n>-th lock if B<mode> &
B<CRYPTO_LOCK>, and releases it otherwise.

B<file> and B<line> are the file number of the function setting the
lock. They can be useful for debugging.

threadid_func(CRYPTO_THREADID *id) is needed to record the currently-executing
thread's identifier into B<id>. The implementation of this callback should not
fill in B<id> directly, but should use CRYPTO_THREADID_set_numeric() if thread
IDs are numeric, or CRYPTO_THREADID_set_pointer() if they are pointer-based.
If the application does not register such a callback using
CRYPTO_THREADID_set_callback(), then a default implementation is used - on
Windows and BeOS this uses the system's default thread identifying APIs, and on
all other platforms it uses the address of B<errno>. The latter is satisfactory
for thread-safety if and only if the platform has a thread-local error number
facility.

Once threadid_func() is registered, or if the built-in default implementation is
to be used;

=over 4

=item *
CRYPTO_THREADID_current() records the currently-executing thread ID into the
given B<id> object.

=item *
CRYPTO_THREADID_cmp() compares two thread IDs (returning zero for equality, ie.
the same semantics as memcmp()).

=item *
CRYPTO_THREADID_cpy() duplicates a thread ID value,

=item *
CRYPTO_THREADID_hash() returns a numeric value usable as a hash-table key. This
is usually the exact numeric or pointer-based thread ID used internally, however
this also handles the unusual case where pointers are larger than 'long'
variables and the platform's thread IDs are pointer-based - in this case, mixing
is done to attempt to produce a unique numeric value even though it is not as
wide as the platform's true thread IDs.

=back

Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
of OpenSSL need it for better performance.  To enable this, the following
is required:

=over 4

=item *
Three additional callback function, dyn_create_function, dyn_lock_function
and dyn_destroy_function.

=item *
A structure defined with the data that each lock needs to handle.

=back

struct CRYPTO_dynlock_value has to be defined to contain whatever structure
is needed to handle locks.

dyn_create_function(const char *file, int line) is needed to create a
lock.  Multi-threaded applications might crash at random if it is not set.

dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line)
is needed to perform locking off dynamic lock numbered n. Multi-threaded
applications might crash at random if it is not set.

dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is
needed to destroy the lock l. Multi-threaded applications might crash at
random if it is not set.

CRYPTO_get_new_dynlockid() is used to create locks.  It will call
dyn_create_function for the actual creation.

CRYPTO_destroy_dynlockid() is used to destroy locks.  It will call
dyn_destroy_function for the actual destruction.

CRYPTO_lock() is used to lock and unlock the locks.  mode is a bitfield
describing what should be done with the lock.  n is the number of the
lock as returned from CRYPTO_get_new_dynlockid().  mode can be combined
from the following values.  These values are pairwise exclusive, with
undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE
should not be used together):

	CRYPTO_LOCK	0x01
	CRYPTO_UNLOCK	0x02
	CRYPTO_READ	0x04
	CRYPTO_WRITE	0x08

=head1 RETURN VALUES

CRYPTO_num_locks() returns the required number of locks.

CRYPTO_get_new_dynlockid() returns the index to the newly created lock.

The other functions return no values.

=head1 NOTES

You can find out if OpenSSL was configured with thread support:

 #define OPENSSL_THREAD_DEFINES
 #include <openssl/opensslconf.h>
 #if defined(OPENSSL_THREADS)
   // thread support enabled
 #else
   // no thread support
 #endif

Also, dynamic locks are currently not used internally by OpenSSL, but
may do so in the future.

=head1 EXAMPLES

B<crypto/threads/mttest.c> shows examples of the callback functions on
Solaris, Irix and Win32.

=head1 HISTORY

CRYPTO_set_locking_callback() is
available in all versions of SSLeay and OpenSSL.
CRYPTO_num_locks() was added in OpenSSL 0.9.4.
All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
B<CRYPTO_THREADID> and associated functions were introduced in OpenSSL 1.0.0
to replace (actually, deprecate) the previous CRYPTO_set_id_callback(),
CRYPTO_get_id_callback(), and CRYPTO_thread_id() functions which assumed
thread IDs to always be represented by 'unsigned long'.

=head1 SEE ALSO

L<crypto(3)|crypto(3)>

=cut