diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-02-23 18:57:09 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-03-02 21:15:19 +0100 |
commit | 1a84f73d69a00dda1b29968579fe2841207b51cc (patch) | |
tree | 6859315658f8ed9c137d45b8ade68f7b2cdae544 /doc | |
parent | 36a0179d9d946e733ad0eb74f62f5914962f4075 (diff) | |
download | gnutls-1a84f73d69a00dda1b29968579fe2841207b51cc.tar.gz |
doc: added more information on operation under multiple threads
Relates: #713
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/cha-gtls-app.texi | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index 9831db2da4..21df8e5fb3 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -234,11 +234,21 @@ Read-only access to objects, for example the credentials holding structures, is also thread-safe. A @code{gnutls_session_t} object could also be shared by two threads, one sending, -the other receiving. In that case however, care must be taken during key -updates and re-handshakes to be handled only by a single thread. The termination of a session -should be handled, either by a single thread being active, or by the sender thread -using @funcref{gnutls_bye} with @code{GNUTLS_SHUT_WR} and the receiving thread -waiting for a return value of zero. +the other receiving. However, care must be taken on the following use cases: +@itemize +@item The re-handshake process in TLS 1.2 or earlier must be handled only in +a single thread and no other thread may be performing any operation. +@item The flag @code{GNUTLS_AUTO_REAUTH} cannot be used safely in this mode of operation. +@item Any other operation which may send or receive data, like key update (c.f., +@funcref{gnutls_session_key_update}), must not be performed while threads +are receiving or writing. +@item The termination of a session should be handled, either by a single thread being +active, or by the sender thread using @funcref{gnutls_bye} with @code{GNUTLS_SHUT_WR} +and the receiving thread waiting for a return value of zero (or timeout on +certain servers which do not respond). +@item The functions @funcref{gnutls_transport_set_errno} and @funcref{gnutls_record_get_direction} +should not be relied during parallel operation. +@end itemize For several aspects of the library (e.g., the random generator, PKCS#11 operations), the library may utilize mutex locks (e.g., pthreads on GNU/Linux and CriticalSection on Windows) |