* Is OpenSSL thread-safe?
-Yes. On Windows and many Unix systems, OpenSSL automatically uses the
-multi-threaded versions of the standard libraries. If your platform
-is not one of these, consult the INSTALL file.
+Yes (with limitations: an SSL connection may not concurrently be used
+by multiple threads). On Windows and many Unix systems, OpenSSL
+automatically uses the multi-threaded versions of the standard
+libraries. If your platform is not one of these, consult the INSTALL
+file.
Multi-threaded applications must provide two callback functions to
OpenSSL. This is described in the threads(3) manpage.
correctly. OpenSSL 0.9.5 makes the error visible by refusing to
perform potentially insecure encryption.
+Most components of the openssl command line tool try to use the
+file $HOME/.rnd (or $RANDFILE, if this environment variable is set)
+for seeding the PRNG. If this file does not exist or is too short,
+the "PRNG not seeded" error message may occur.
+Note that the command "openssl rsa" in OpenSSL 0.9.5 does not do this
+and will fail on systems without /dev/urandom when trying to
+password-encrypt an RSA key! This is a bug in the library;
+try a later snaphost instead.
+
* Why does the linker complain about undefined symbols?