gnutls_rsa_params_export_pkcs1 not thread safe

Sam Varshavchik mrsam at
Sat Jul 23 17:27:27 CEST 2011

Nikos Mavrogiannopoulos writes:

> On 07/02/2011 05:43 AM, Sam Varshavchik wrote:
> > A long and painful debugging session seems to indicate that the root
> > of my problems is that gnutls_rsa_params_export_pkcs1() is not thread
> > safe. I was invoking this function with the same
> > gnutls_rsa_params_t, concurrently from multiple threads.
> Thanks, there was some optimization in gnutls_rsa_params_t that caused
> this issue. The attached patch should fix your problem.
> However do you really need the gnutls_rsa_params_t? They are only
> used for the RSA-EXPORT ciphersuites that shouldn't be used normally.

I know -- this is some middleware that pregenerates temporary RSA keys, in  
case they are actually needed.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: </pipermail/attachments/20110723/be84790f/attachment.pgp>

More information about the Gnutls-help mailing list