qpid-proton mailing list archives

From "Andrew Stitcher (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (PROTON-992) Proton's use of Cyrus SASL is not thread-safe.
Date Fri, 11 Sep 2015 17:05:46 GMT

    [ https://issues.apache.org/jira/browse/PROTON-992?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14741144#comment-14741144 ]

Andrew Stitcher commented on PROTON-992:

I don't disagree, but remember that adding a global initialisation to the Proton library is
a big API step necessitating *everyone* to change their programs.

Also note that the OpenSSL initialisation is also not thread safe - it is protected by a
non-atomic global in the Proton SSL code, that just reduces the thread race window, albeit by
a lot.

What the docs say and what the code actually does are two different things...

What the Cyrus SASL code actually does is carefully count the number of inits and disposes (though
not locked in any way if I remember) and not actually dispose anything until the counts
become 0. It's almost as if they have had a problem with this before...

[As in multiple libraries independently using cyrus SASL]

God, I wish people designed their libraries without global state.

BTW the best, least intrusive solution is probably to initialise using a pthread_once() construct,
which at least would make the initialisation(s) thread safe without needing any further
threading gubbins. It doesn't fix the issue of when to call the dispose routines though.

> Proton's use of Cyrus SASL is not thread-safe.
> ----------------------------------------------
>                 Key: PROTON-992
>                 URL: https://issues.apache.org/jira/browse/PROTON-992
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-c
>    Affects Versions: 0.10
>            Reporter: michael goulish
>            Assignee: michael goulish
>            Priority: Critical
> Documentation for the Cyrus SASL library says that the library is believed to be thread-safe
> only if the code that uses it meets several requirements.
> The requirements are:
>     * you supply mutex functions (see sasl_set_mutex())
>     * you make no libsasl calls until sasl_client/server_init() completes
>     * no libsasl calls are made after sasl_done() is begun
>     * when using GSSAPI, you use a thread-safe GSS / Kerberos 5 library.
> It says explicitly that sasl_set* calls are not thread safe, since they set global
> The proton library makes calls to sasl_set* functions in:
>           pni_init_client()
>           pni_init_server(), and
>           pni_process_init()
> Since those are internal functions, there is no way for code that uses Proton to lock
> around those calls.
> I think proton needs a new API call to let applications call sasl_set_mutex().  Or something.
> We probably also need other protections to meet the other requirements specified in the
> Cyrus documentation (and quoted above).

This message was sent by Atlassian JIRA
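
An added example, not part of the original message or of Proton's code: the pthread_once() guard suggested in the comment above, with a hypothetical backend_global_init() standing in for the library's one-time setup (the role sasl_client_init()/sasl_server_init() play here). It covers initialisation only; when to call the dispose routine is left open, as the comment says.

```c
#include <pthread.h>
#include <stdatomic.h>

/* Hypothetical stand-in for a library's one-time global setup. */
static atomic_int backend_init_calls;   /* how many times setup really ran */
static int backend_ready;               /* global state written by setup   */

static void backend_global_init(void) {
    atomic_fetch_add(&backend_init_calls, 1);
    backend_ready = 1;
}

static pthread_once_t init_once = PTHREAD_ONCE_INIT;

/* Every internal entry point calls this before touching the backend.
   pthread_once() runs the routine exactly once and makes every other
   caller wait until it has returned, so no thread sees half-built state. */
static int ensure_backend_init(void) {
    int rc = pthread_once(&init_once, backend_global_init);
    return rc == 0 && backend_ready;
}

static void *worker(void *arg) {
    int *ok = arg;
    *ok = ensure_backend_init();
    return NULL;
}

/* Race up to 64 threads through the guard. Returns how many times setup
   ran, or -1 if a thread failed to start or saw uninitialised state. */
int race_init(int nthreads) {
    pthread_t tid[64];
    int ok[64] = {0};
    int started = 0, bad = 0;
    if (nthreads > 64) nthreads = 64;
    for (; started < nthreads; started++)
        if (pthread_create(&tid[started], NULL, worker, &ok[started]) != 0) break;
    for (int i = 0; i < started; i++) {
        pthread_join(tid[i], NULL);
        if (!ok[i]) bad = 1;
    }
    if (bad || started != nthreads) return -1;
    return atomic_load(&backend_init_calls);
}

int main(void) {
    return race_init(32) == 1 ? 0 : 1;   /* exit 0 when setup ran once */
}
```

Build with `-pthread`. Replacing the once-guard with a plain `if (!initialised)` flag check gives the narrowed but still open race window the comment describes for the SSL code.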