id summary reporter owner description type status milestone component version severity resolution keywords cc 8532 openssl_id_func breaks OpenSSL thread safety requirements on non-Windows platforms criticalsection@… chris_kohlhoff "In order to be thread safe OpenSSL requires call backs that provide: 1) Thread level locking (e.g. mutexes) 2) A unique id for each thread The Boost ASIO SSL support provides 1) but only a partial implementation for 2). The openssl_id_func() supplied to CRYPTO_set_id_callback uses GetCurrentThreadId on Windows but on other platforms uses this: void* id = instance()->thread_id_; if (id == 0) instance()->thread_id_ = id = &id; // Ugh. BOOST_ASSERT(sizeof(unsigned long) >= sizeof(void*)); return reinterpret_cast(id); The is initially based on the address of the local variable id that should be different in each thread but may also vary in a given thread depending on the call stack. However, the value seems to be assigned to a shared instance so that all threads will see the same value. I recently discovered that some thread safety problems on iOS were being caused by this code. I worked around this problem by calling CRYPTO_set_id_callback again after creating an boost::asio::ssl::context to overwrite the callback with one like this for non Windows platforms: unsigned long my_openssl_id_func() { return pthread_mach_thread_np(pthread_self() ); } After this change the Boost SSL ASIO library suffered no more re-entrancy and locking issues. I suggest that a solution could incorporate some or all of the following: -Remove the existing non Windows implementation as it doesn't seem to meet the OpenSSL requirements -Provide a pthread based implementation in openssl_id_func when PTHREADS are available -A runtime assert/exception if a suitable implementation has not been provided -Provide more control over OpenSSL initialization to the user of Boost ASIO so that aspects such as this can be explicitly handled." Bugs closed To Be Determined asio Boost 1.52.0 Cosmetic invalid "CRYPTO_set_id_callback OpenSSL ASIO ""thread safety"""