[MDEV-9552] client library with OpenSSL is not thread safe Created: 2016-02-12  Updated: 2022-09-08

Status: Open
Project: MariaDB Server
Component/s: SSL
Affects Version/s: 10.1.11
Fix Version/s: 5.5, 10.1

Type: Bug Priority: Minor
Reporter: Georg Richter Assignee: Georg Richter
Resolution: Unresolved Votes: 1
Labels: None

Attachments: File ssltest.c    

 Description   

Due to missing crypto mutexes, the client library isn't thread safe.

OpenSSL Documentation:

OpenSSL can safely be used in multi-threaded applications provided that at least two callback functions are set, locking_function and threadid_func.

locking_function(int mode, int n, const char *file, int line) is needed to perform locking on shared data structures. (Note that OpenSSL uses a number of global data structures that will be implicitly shared whenever multiple threads use OpenSSL.) Multi-threaded applications will crash at random if it is not set.

The attached test (adapted from Connector/C) crashes frequently or delivers unexpected results.

Core Dump

/lib64/libc.so.6(realloc+0x139)[0x7f870b3d1359]
/lib64/libcrypto.so.1.0.0(CRYPTO_realloc+0x50)[0x7f870b76a470]

Unexpected results

georg@linux-lw76:~/work/mariadb/dev/10.2-ssl/client> ./ssltest
>Error: SSL connection error: SSL_CTX_new failed
>Error: SSL connection error: SSL_CTX_new failed
>Error: SSL connection error: SSL_CTX_new failed
>Error: SSL connection error: SSL_CTX_new failed
>Error: SSL connection error: SSL_CTX_new failed
>Error: SSL connection error: SSL_CTX_new failed
>Error: SSL connection error: SSL_CTX_set_default_verify_paths failed
>Error: SSL connection error: SSL_CTX_set_default_verify_paths failed
Found: 42
Expected 50
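
An added example, not part of the ticket or of MariaDB's code: a pthread-backed lock array with the two callbacks the quoted OpenSSL documentation asks for, exercised by threads that update a shared counter through slot 0. It builds without OpenSSL headers, so the mode constants are redefined locally, the registration calls appear only in a comment, and DEMO_NUM_LOCKS, ssl_thread_setup and run_demo are hypothetical names.

```c
#include <pthread.h>
#include <stdlib.h>

/* Mode bits with the values OpenSSL 1.0.x defines in <openssl/crypto.h>. */
#define CRYPTO_LOCK   1
#define CRYPTO_UNLOCK 2
#define DEMO_NUM_LOCKS 8  /* constructed; real code sizes the array with CRYPTO_num_locks() */

static pthread_mutex_t *lock_cs;  /* one mutex per lock slot n */

/* Signature as quoted from the OpenSSL documentation in the ticket. */
void locking_function(int mode, int n, const char *file, int line)
{
    (void)file; (void)line;
    if (mode & CRYPTO_LOCK) pthread_mutex_lock(&lock_cs[n]);
    else                    pthread_mutex_unlock(&lock_cs[n]);
}

/* Legacy thread-id callback; assumes pthread_t is an integer type (Linux). */
unsigned long threadid_func(void) { return (unsigned long)pthread_self(); }

/* Run once, before any thread touches the library. Returns 0 on success. */
int ssl_thread_setup(int num_locks)
{
    if (lock_cs) return 0;
    lock_cs = malloc((size_t)num_locks * sizeof(*lock_cs));
    if (!lock_cs) return -1;
    for (int i = 0; i < num_locks; i++)
        if (pthread_mutex_init(&lock_cs[i], NULL) != 0) return -1;
    /* With OpenSSL 1.0.x linked in, register the callbacks here:
     * CRYPTO_set_locking_callback(locking_function); CRYPTO_set_id_callback(threadid_func); */
    return 0;
}

/* Demo: the counter stands in for OpenSSL's implicitly shared global state. */
static long shared_counter; static int demo_iters;
static void *worker(void *arg)
{
    (void)arg;
    for (int i = 0; i < demo_iters; i++) {
        locking_function(CRYPTO_LOCK, 0, __FILE__, __LINE__);
        shared_counter++;
        locking_function(CRYPTO_UNLOCK, 0, __FILE__, __LINE__);
    }
    return NULL;
}

long run_demo(int nthreads, int iters)
{
    pthread_t t[16];
    if (nthreads > 16 || ssl_thread_setup(DEMO_NUM_LOCKS) != 0) return -1;
    shared_counter = 0; demo_iters = iters;
    for (int i = 0; i < nthreads; i++)
        if (pthread_create(&t[i], NULL, worker, NULL) != 0) return -1;
    for (int i = 0; i < nthreads; i++) pthread_join(t[i], NULL);
    return shared_counter;
}
```

OpenSSL 1.1.0 and later handle locking internally, so these callbacks only matter when linking against older releases such as the libcrypto.so.1.0.0 seen in the backtrace.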

