Although the GnuTLS library is thread safe by design, some parts of Libgcrypt, such as the random generator, are not. Applications have to register callback functions to ensure proper locking in the sensitive parts of libgcrypt.
There are helper macros to help you properly initialize the libraries. Examples are shown below.
#include <gnutls.h>
#include <gcrypt.h>
#include <errno.h>
#include <pthread.h>
GCRY_THREAD_OPTION_PTHREAD_IMPL;
int main()
{
/* The order matters.
*/
gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
gnutls_global_init();
}
#include <gnutls.h>
#include <gcrypt.h>
#include <errno.h>
#include <pth.h>
GCRY_THREAD_OPTION_PTH_IMPL;
int main()
{
gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pth);
gnutls_global_init();
}
/* The gcry_thread_cbs structure must have been
* initialized.
*/
static struct gcry_thread_cbs gcry_threads_other = { ... };
int main()
{
gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_other);
}