From 963111b836af9a89c4156e92ab3ef5c03b346d87 Mon Sep 17 00:00:00 2001 From: jvijtiuk Date: Mon, 12 Feb 2018 18:01:48 +0100 Subject: tests: Fix segfault with mbedTLS built without threading support torture_rand and torture_server_x11 call ssh_init without checking the return value. If mbedTLS is built without threading support ssh_init fails but the tests continue and then segfault since threading wasn't correctly initialised. Add a section that documents requirements for mbedTLS usage in a multi threaded environment to README.mbedtls. Signed-off-by: Juraj Vijtiuk Reviewed-by: Andreas Schneider --- README.mbedtls | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'README.mbedtls') diff --git a/README.mbedtls b/README.mbedtls index 5411f301..dd1f505d 100644 --- a/README.mbedtls +++ b/README.mbedtls @@ -1,3 +1,6 @@ +libssh mbedTLS ECDSA support +============================= + When built with mbedTLS, libssh currently does not support ECDSA key comparison. Since the comparison function is used during the verification of publickey authentication requests a libssh server will not be able to deal with ECDSA @@ -5,3 +8,16 @@ keys. In general, if the ssh_key_cmp function is used with mbedTLS, ECDSA key comparison won't work. + + +mbedTLS and libssh in multithreaded applications +================================================== + +To use libssh with mbedTLS in a multithreaded application, mbedTLS has to be +built with threading support enabled. + +If threading support is not available and multi threading is used, ssh_init +will fail. + +More information about building mbedTLS with threading support can be found +in the mbedTLS documentation. -- cgit v1.2.3