aboutsummaryrefslogtreecommitdiff
path: root/README.mbedtls
diff options
context:
space:
mode:
authorjvijtiuk <juraj.vijtiuk@sartura.hr>2018-02-12 18:01:48 +0100
committerAndreas Schneider <asn@cryptomilk.org>2018-02-12 20:05:49 +0100
commit963111b836af9a89c4156e92ab3ef5c03b346d87 (patch)
tree72164d09557448703d337f9ccb5b830d594435a8 /README.mbedtls
parentebcff9fd630f8bd26b0cda23e39c63805f2b781b (diff)
downloadlibssh-963111b836af9a89c4156e92ab3ef5c03b346d87.tar.gz
libssh-963111b836af9a89c4156e92ab3ef5c03b346d87.tar.xz
libssh-963111b836af9a89c4156e92ab3ef5c03b346d87.zip
tests: Fix segfault with mbedTLS built without threading support
torture_rand and torture_server_x11 call ssh_init without checking the return value. If mbedTLS is built without threading support ssh_init fails but the tests continue and then segfault since threading wasn't correctly initialised. Add a section that documents requirements for mbedTLS usage in a multi threaded environment to README.mbedtls. Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'README.mbedtls')
-rw-r--r--README.mbedtls16
1 files changed, 16 insertions, 0 deletions
diff --git a/README.mbedtls b/README.mbedtls
index 5411f301..dd1f505d 100644
--- a/README.mbedtls
+++ b/README.mbedtls
@@ -1,3 +1,6 @@
+libssh mbedTLS ECDSA support
+=============================
+
When built with mbedTLS, libssh currently does not support ECDSA key comparison.
Since the comparison function is used during the verification of publickey
authentication requests a libssh server will not be able to deal with ECDSA
@@ -5,3 +8,16 @@ keys.
In general, if the ssh_key_cmp function is used with mbedTLS, ECDSA key
comparison won't work.
+
+
+mbedTLS and libssh in multithreaded applications
+==================================================
+
+To use libssh with mbedTLS in a multithreaded application, mbedTLS has to be
+built with threading support enabled.
+
+If threading support is not available and multi threading is used, ssh_init
+will fail.
+
+More information about building mbedTLS with threading support can be found
+in the mbedTLS documentation.