Mark wrote:
I think it would be helpful for me. If we need to prevent calling SSL functions on the same object (i.e. SSL_read() and SSL_write()) from different threads then I would think that OpenSSL would not need any internal synchronisation, unless it creates its own threads internally.
But you are allowed to have multiple threads each having their own SSL * instance. You are allowed to make SSL_xxxxx() calls on two different SSL * handles at the same time.
The internal locking protects operations happening upon different handles simultaneously. For example there is an SSL session cache that can be shared between multiple SSL handles. Another example is the use of SSL_CTX being used to stamp out new SSL *. It is allowed for your application to allocate SSL_new(SSL_CTX *) from two threads at the same time, yadda, yadda.
But the SSL_xxxx() API set is not re-entrant with respect of the same SSL * handle. So you have to serialize all API calls upon the same SSL * handle. This is why you can't mix SSL_read() with any other SSL_xxxx() API call on the same handle instance at the same time.
Darryl ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
