Re: [sr-dev] [kamailio/kamailio] tls: much faster startup using shared SSL_CTX (#1585)

After SSL_CTX is not only containing default settings but hash of sessions, this seems to be thread safe using a locks. ``` SSL_CTX_add_session CRYPTO_THREAD_write_lock(ctx->lock); ... CRYPTO_THREAD_unlock(ctx->lock); ``` OpenSSL can be safely used in multi-threaded applications provided that support for the underlying OS threading API is built-in. Currently, OpenSSL supports the pthread and Windows APIs. OpenSSL can also be built without any multi-threading support, for example on platforms that don't provide any threading support or that provide a threading API that is not yet supported by OpenSSL. Not sure if there could be a pitfall for forking process, better keep the default value as it is. It seems another option, could be to copy only the X509_store -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/1585#issuecomment-404050785