Hi Andrew Get SSL and TLS Designing and Building Secure Systems, read section 8.9 ( page 274). Get Network Security with OpenSSL, read example 5-16.
I hope it will clear a little bit for you. TD -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andrew Armstrong Sent: Tuesday, May 15, 2007 6:18 To: openssl-users@openssl.org Subject: Multi-threaded SSL Socket Usage Hi Everyone, I hope I have found the right place to ask for some advice. An application we have developed is responsible for handling concurrent connections from multiple SSL Sockets. While the application works fine for a while; there will sometimes be an issue where a socket blocked on write. So we switched to non-blocking IO, and handled (supposedly) WANT_READ and WANT_WRITE correctly. We also have attempted to handle the other oddities correctly (detecting EAGAIN and retrying the write, etc), however sometimes while it is working fine for the most part, will eventually have sockets drop or not get written/read from correctly. It's a bit complicated to explain. The design of the application is that there are worker threads which pick up data and send them out via the sockets. This works for the most part, however as mentioned it will sometimes no longer appear to work (data is not received in a timely fashion for example). I would think this is just do to how complex the read/write logic is for openssl, nonblocking multi-threaded applications. Is there anyone out there with experience in using OpenSSL in a multi-threaded application that can provide some sample code or anything to help address these issues? It would be really appreciated if anyone can point me in the direction or even yet provide a basic sample application that handles concurrent connections from SSL Sockets correctly. It's terrible that there are so many pitfalls one needs to account for, yet there is no documentation about this (or example) in the OpenSSL library. Thanks, Andrew ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
