> Any ideas?
>
> More importantly, do you know why this limitation exists at all? I would
> rather fix the problem than run from it.
The limit exists because the context depends on state derived from each
half of the duplex connection. (Mythical example, for explanation: SSL
periodically sends a checksum of all bytes exchanged. Since it was
designed
for lock-step protocols, not streaming ones, a simple "sum += byte"
would
suffice. Locking that wouldn't be very good.) As for fixing it, with
all
due respect, someone who thinks time() is a reasonable seed is probably
under-qualified to fix an SSL implementation.
You should be able to rewrite your server to use select instead of
threads. Be aware that SSL can do read-ahead write-behind, so you
can't just trust select but have to call some API or other as well.
/r$
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
