Our server does a raw socket accept first, and then spawns a thread for each that brings up the ssl connection if applicable. The code flow is like this:
int fd; SSL_CTX* ctx; SSL* ssl; BIO* fdbio = BIO_new_socket((int)fd, 0); BIO* bio = BIO_new_ssl(ctx, client); BIO_push(bio, fdbio); BIO_get_ssl(bio, &ssl); The SSL_CTX is shared across the multiple threads. My question is whether BIO_new_ssl() should be serializing so that only one thread is instantiating an SSL instance at a time from the SSL_CTX. Wayne. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org