963111b836
torture_rand and torture_server_x11 call ssh_init without checking the return value. If mbedTLS is built without threading support ssh_init fails but the tests continue and then segfault since threading wasn't correctly initialised. Add a section that documents requirements for mbedTLS usage in a multi threaded environment to README.mbedtls. Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
24 строки
807 B
Plaintext
24 строки
807 B
Plaintext
libssh mbedTLS ECDSA support
|
|
=============================
|
|
|
|
When built with mbedTLS, libssh currently does not support ECDSA key comparison.
|
|
Since the comparison function is used during the verification of publickey
|
|
authentication requests a libssh server will not be able to deal with ECDSA
|
|
keys.
|
|
|
|
In general, if the ssh_key_cmp function is used with mbedTLS, ECDSA key
|
|
comparison won't work.
|
|
|
|
|
|
mbedTLS and libssh in multithreaded applications
|
|
==================================================
|
|
|
|
To use libssh with mbedTLS in a multithreaded application, mbedTLS has to be
|
|
built with threading support enabled.
|
|
|
|
If threading support is not available and multi threading is used, ssh_init
|
|
will fail.
|
|
|
|
More information about building mbedTLS with threading support can be found
|
|
in the mbedTLS documentation.
|