Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: curl_version_info() thread-safety
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Patrick Monnerat via curl-library <curl-library_at_lists.haxx.se>
Date: Sun, 25 Sep 2022 01:48:07 +0200
On 9/24/22 23:07, Daniel Stenberg wrote:
> On Sat, 24 Sep 2022, Patrick Monnerat via curl-library wrote:
>
>> I just noticed curl_version_info() is not thread-safe when compiled
>> with multi-ssl backends because the HTTPS-proxy feature bit is
>> computed at run-time and may change between calls.
>>
>> This is the case until the effective SSL backend is selected
>> (curl_global_sslset() or curl_global_init()).
>
> Except of course that curl_global_sslset is documented to:
>
> "This function can only be used to select an SSL backend once, and it
> must be
> called before curl_global_init."
>
> ... and if that is followed, how can it change?
#include <stdio.h>
#include "curl/curl.h"
main()
{
const curl_version_info_data *vid;
vid = curl_version_info(CURLVERSION_NOW);
printf("%08X\n", vid->features);
curl_global_sslset(CURLSSLBACKEND_OPENSSL, NULL, NULL);
curl_version_info(CURLVERSION_NOW);
printf("%08X\n", vid->features);
}
Result (with a MultiSSL library):
75DFE7DD
75FFE7DD
Of course, this is not a threaded program, but it shows data returned by
the first call is altered after the second.
Date: Sun, 25 Sep 2022 01:48:07 +0200
On 9/24/22 23:07, Daniel Stenberg wrote:
> On Sat, 24 Sep 2022, Patrick Monnerat via curl-library wrote:
>
>> I just noticed curl_version_info() is not thread-safe when compiled
>> with multi-ssl backends because the HTTPS-proxy feature bit is
>> computed at run-time and may change between calls.
>>
>> This is the case until the effective SSL backend is selected
>> (curl_global_sslset() or curl_global_init()).
>
> Except of course that curl_global_sslset is documented to:
>
> "This function can only be used to select an SSL backend once, and it
> must be
> called before curl_global_init."
>
> ... and if that is followed, how can it change?
#include <stdio.h>
#include "curl/curl.h"
main()
{
const curl_version_info_data *vid;
vid = curl_version_info(CURLVERSION_NOW);
printf("%08X\n", vid->features);
curl_global_sslset(CURLSSLBACKEND_OPENSSL, NULL, NULL);
curl_version_info(CURLVERSION_NOW);
printf("%08X\n", vid->features);
}
Result (with a MultiSSL library):
75DFE7DD
75FFE7DD
Of course, this is not a threaded program, but it shows data returned by
the first call is altered after the second.
-- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2022-09-25