Hi, I'm using NSS in non-blocking mode. To perform a handshake on a SSL socket, I use SSL_ForceHandshake (if it returns PR_WOULD_BLOCK_ERROR I retry when the SSL socket becomes readable). It works, but I've noticed that SSL_ForceHandshake sometimes takes a long time to return (around 100 ms). I suppose this is because of all the computations involved. As my program is single-threaded (built on a reactor), it cannot respond to anything else while in a long SSL_ForceHandshake call, which causes latency problems with other I/O my program does. Is possible to forbid SSL_ForceHandshake from doing any excessive computation, and to allow me to perform computations in a different thread, then call SSL_ForceHandshake again from the main thread when the computation is complete? It would theoretically be possible to call SSL_ForceHandshake in a different thread altogether, but this would be hard and non-optimal in my case.
Thank you for help, Ambroz Bizjak -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto