You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
And it seems that THREADING_SUPPORT in vtls/mbedtls.c doesn't really help, the concurrency crash still occurs in mbedtls library when using libcurl+mbedtls in a multiple-thread program without MBEDTLS_THREADING_C
So maybe it's good to require defined(MBEDTLS_THREADING_C) in curl's vtls/mbedtls.c when there is threading support?
Or at least, psa_crypto_init should be protected by the mutex? Actually I am not sure whether it is enough, I think requiring defined(MBEDTLS_THREADING_C) is the best approach.
It seems a good idea to add the check when building curl. I propose #15505 for checking this.
Update: the check during compile time led to failures in CI jobs. Not all platforms have built mbedtls that way. Instead, the initialisation of psa_crypto_init() is now done on curl's global init and protected by mbedtls locks if available.
Although I was not sure whether protecting psa_crypto_init is enough, I read the code again and I think it should be also fine, the psa_crypto_init seems to be the only "psa" function call and all other mbedtls calls are all with "context/locker" which should be thread-safe.
When building libcurl with mbedtls, by default the mbedtls library doesn't enable its
MBEDTLS_THREADING_C
.However, according to https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading/#thread-safety , mbedtls PSA is not thread-safe.
And it seems that
THREADING_SUPPORT
invtls/mbedtls.c
doesn't really help, the concurrency crash still occurs in mbedtls library when using libcurl+mbedtls in a multiple-thread program without MBEDTLS_THREADING_CSo maybe it's good to require
defined(MBEDTLS_THREADING_C)
in curl'svtls/mbedtls.c
when there is threading support?Or at least,
psa_crypto_init
should be protected by the mutex? Actually I am not sure whether it is enough, I think requiringdefined(MBEDTLS_THREADING_C)
is the best approach.Some related crash stacks:
The text was updated successfully, but these errors were encountered: