Hi Hans,
The bug reporter sees long delays between torrents starting up after applying these patches, which makes we wonder if the ssl lock effectively serializes secure https requests?
There isn't a single SSL lock. There's an interlocked exchange for assigning SSL_CTX, which should only be created once except in a race between threads. There's a critical section to protect against two threads initializing the SSL library at the same time. Finally, there are a number of SSL locks (CRYPTO_num_locks() many, specifically) that OpenSSL uses. When I was debugging it, there are at least 16 of them. So I don't think serialization of locks is the root cause of the slowdown.
Would patch 1 and 3 not be sufficient to fix the utorrent crash?
I don't think so. Other apps have had similar crashes with the equivalent of patch 2 not applied, and the OpenSSL man page warns of random crashes due to failing to implement and set these callbacks. --Juan