| 1 | =pod
|
|---|
| 2 |
|
|---|
| 3 | =head1 NAME
|
|---|
| 4 |
|
|---|
| 5 | openssl-threads - Overview of thread safety in OpenSSL
|
|---|
| 6 |
|
|---|
| 7 | =head1 DESCRIPTION
|
|---|
| 8 |
|
|---|
| 9 | In this man page, we use the term B<thread-safe> to indicate that an
|
|---|
| 10 | object or function can be used by multiple threads at the same time.
|
|---|
| 11 |
|
|---|
| 12 | OpenSSL can be built with or without threads support. The most important
|
|---|
| 13 | use of this support is so that OpenSSL itself can use a single consistent
|
|---|
| 14 | API, as shown in L<CRYPTO_THREAD_run_once(3)/EXAMPLES>.
|
|---|
| 15 | Multi-platform applications can also use this API.
|
|---|
| 16 |
|
|---|
| 17 | In particular, being configured for threads support does not imply that
|
|---|
| 18 | all OpenSSL objects are thread-safe.
|
|---|
| 19 | To emphasize: I<most objects are not safe for simultaneous use>.
|
|---|
| 20 | Exceptions to this should be documented on the specific manual pages, and
|
|---|
| 21 | some general high-level guidance is given here.
|
|---|
| 22 |
|
|---|
| 23 | One major use of the OpenSSL thread API is to implement reference counting.
|
|---|
| 24 | Many objects within OpenSSL are reference-counted, so resources are not
|
|---|
| 25 | released, until the last reference is removed.
|
|---|
| 26 | References are often increased automatically (such as when an B<X509>
|
|---|
| 27 | certificate object is added into an B<X509_STORE> trust store).
|
|---|
| 28 | There is often an B<I<object>_up_ref>() function that can be used to increase
|
|---|
| 29 | the reference count.
|
|---|
| 30 | Failure to match B<I<object>_up_ref>() calls with the right number of
|
|---|
| 31 | B<I<object>_free>() calls is a common source of memory leaks when a program
|
|---|
| 32 | exits.
|
|---|
| 33 |
|
|---|
| 34 | Many objects have set and get API's to set attributes in the object.
|
|---|
| 35 | A C<set0> passes ownership from the caller to the object and a
|
|---|
| 36 | C<get0> returns a pointer but the attribute ownership
|
|---|
| 37 | remains with the object and a reference to it is returned.
|
|---|
| 38 | A C<set1> or C<get1> function does not change the ownership, but instead
|
|---|
| 39 | updates the attribute's reference count so that the object is shared
|
|---|
| 40 | between the caller and the object; the caller must free the returned
|
|---|
| 41 | attribute when finished.
|
|---|
| 42 | Functions that involve attributes that have reference counts themselves,
|
|---|
| 43 | but are named with just C<set> or C<get> are historical; and the documentation
|
|---|
| 44 | must state how the references are handled.
|
|---|
| 45 | Get methods are often thread-safe as long as the ownership requirements are
|
|---|
| 46 | met and shared objects are not modified.
|
|---|
| 47 | Set methods, or modifying shared objects, are generally not thread-safe
|
|---|
| 48 | as discussed below.
|
|---|
| 49 |
|
|---|
| 50 | Objects are thread-safe
|
|---|
| 51 | as long as the API's being invoked don't modify the object; in this
|
|---|
| 52 | case the parameter is usually marked in the API as C<const>.
|
|---|
| 53 | Not all parameters are marked this way.
|
|---|
| 54 | Note that a C<const> declaration does not mean immutable; for example
|
|---|
| 55 | L<X509_cmp(3)> takes pointers to C<const> objects, but the implementation
|
|---|
| 56 | uses a C cast to remove that so it can lock objects, generate and cache
|
|---|
| 57 | a DER encoding, and so on.
|
|---|
| 58 |
|
|---|
| 59 | Another instance of thread-safety is when updates to an object's
|
|---|
| 60 | internal state, such as cached values, are done with locks.
|
|---|
| 61 | One example of this is the reference counting API's described above.
|
|---|
| 62 |
|
|---|
| 63 | In all cases, however, it is generally not safe for one thread to
|
|---|
| 64 | mutate an object, such as setting elements of a private or public key,
|
|---|
| 65 | while another thread is using that object, such as verifying a signature.
|
|---|
| 66 |
|
|---|
| 67 | The same API's can usually be used simultaneously on different objects
|
|---|
| 68 | without interference.
|
|---|
| 69 | For example, two threads can calculate a signature using two different
|
|---|
| 70 | B<EVP_PKEY_CTX> objects.
|
|---|
| 71 |
|
|---|
| 72 | For implicit global state or singletons, thread-safety depends on the facility.
|
|---|
| 73 | The L<CRYPTO_secure_malloc(3)> and related API's have their own lock,
|
|---|
| 74 | while L<CRYPTO_malloc(3)> assumes the underlying platform allocation
|
|---|
| 75 | will do any necessary locking.
|
|---|
| 76 | Some API's, such as L<NCONF_load(3)> and related do no locking at all;
|
|---|
| 77 | this can be considered a bug.
|
|---|
| 78 |
|
|---|
| 79 | A separate, although related, issue is modifying "factory" objects
|
|---|
| 80 | when other objects have been created from that.
|
|---|
| 81 | For example, an B<SSL_CTX> object created by L<SSL_CTX_new(3)> is used
|
|---|
| 82 | to create per-connection B<SSL> objects by calling L<SSL_new(3)>.
|
|---|
| 83 | In this specific case, and probably for factory methods in general, it is
|
|---|
| 84 | not safe to modify the factory object after it has been used to create
|
|---|
| 85 | other objects.
|
|---|
| 86 |
|
|---|
| 87 | =head1 SEE ALSO
|
|---|
| 88 |
|
|---|
| 89 | CRYPTO_THREAD_run_once(3),
|
|---|
| 90 | local system threads documentation.
|
|---|
| 91 |
|
|---|
| 92 | =head1 BUGS
|
|---|
| 93 |
|
|---|
| 94 | This page is admittedly very incomplete.
|
|---|
| 95 |
|
|---|
| 96 | =head1 COPYRIGHT
|
|---|
| 97 |
|
|---|
| 98 | Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|---|
| 99 |
|
|---|
| 100 | Licensed under the Apache License 2.0 (the "License"). You may not use
|
|---|
| 101 | this file except in compliance with the License. You can obtain a copy
|
|---|
| 102 | in the file LICENSE in the source distribution or at
|
|---|
| 103 | L<https://www.openssl.org/source/license.html>.
|
|---|
| 104 |
|
|---|
| 105 | =cut
|
|---|
