----- Original Message ----- From: "David Schwartz" <[EMAIL PROTECTED]> To: <openssl-users@openssl.org> Sent: Thursday, October 05, 2006 3:36 PM Subject: RE: Need help: Understanding SSL object in multi-threaded environment
> > > 1. Is OpenSSL thread-safe? > > Yes (with limitations: an SSL connection may not concurrently be used by > > multiple threads) > > This means exactly what it says. A single SSL connection may not be used > concurrently by multiple threads. This means it is illegal for one thread to > do a 'write' on the connection at the same time another thread might be > doing, say, a 'read'. > > You can share an SSL connection object among threads, but you must protect > it yourself with a mutex or similar lock. > > This is a semantic difference between SSL connections and normal TCP > connections. For example, with TCP, you call 'shutdown' in one thread, > 'read' in another, and 'write' in a third all at the same time and you will > get sensible results. > > This is, however, the usual rule for user-space objects. For example, even > if you have a plain old integer, you cannot write to it in one thread and > read from it another and get guaranteed results. (At least, not without some > special knowledge about your platform.) > > DS Thank you DAvid for your response. I still have a couple of doubts: Is it the case that both SSL_read and SSL_write modify the same part of the SSL object ? Could you give some more details about this? Could you throw some more light on the ssl state maintained by the SSL object during SSL_read and SSL_write? Is it safe if I programmatically make sure (say using mutex) that only one thread is accessing the SSL object at any time? In that case, would it be okay to call SSL_read on one thread and SSL_write on other thread? Where exactly would the locking callback functions come into picture? ~ Urjit DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Pvt. Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Pvt. Ltd. does not accept any liability for virus infected mails. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
