yaSSL is thread safe by design. Multiple threads can enter the library
simultaneously without creating conflicts because yaSSL avoids global data,
static data, and the sharing of objects. The user must still take care to
avoid potential problems in two areas.
A client may share an SSL object across multiple threads but access must be
synchronized, i.e., trying to read/write at the same time from two different
threads with the same SSL pointer is not supported.
yaSSL could take a more aggressive (constrictive) stance and lock out other
users when a function is entered that cannot be shared but this level of
granularity seems counterintuitive, all users (even single threaded ones)
will pay for the locking and multi-thread ones won't be able to re-enter the
library even if they aren't sharing objects across threads. This penalty seems
much too high and yaSSL leaves the responsibility of synchronizing shared
objects in the hands of the user.
Besides sharing SSL pointers, users must also take care to completely
initialize an SSL_CTX before passing the structure to SSL_new(). The
same SSL_CTX can create multiple SSLs but the SSL_CTX is only read during
SSL_new() creation and any future (or simultaneous changes) to the
SSL_CTX will not be reflected once the SSL object is created.
Again, multiple threads should synchronize writing access to a SSL_CTX and it
is advised that a single thread initialize the SSL_CTX to avoid the
synchronization and update problem described above.
Update: See note below about Session Caching and Multiple Threads.