curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

curl_version_info() thread-safety

From: Patrick Monnerat via curl-library <>
Date: Sat, 24 Sep 2022 18:22:17 +0200

I just noticed curl_version_info() is not thread-safe when compiled with
multi-ssl backends because the HTTPS-proxy feature bit is computed at
run-time and may change between calls.

This is the case until the effective SSL backend is selected
(curl_global_sslset() or curl_global_init()).

I have been wondering quite a long time about what to do against that
and the "least bad" solution I can imagine is to always consider the
HTTPS-proxy feature as absent when MultiSSL is enabled, even after the
effective SSL backend has been selected.

The cost is an application would not be able anymore to select a backend
then use version info to see if it support HTTPS-proxy. That said,
features never were intended to be dynamic.

Comments and suggestions are welcome !


Received on 2022-09-24