Hi,
I am using openssl to one of my application. The application has support
of multithreading and runs on Windows platform. This application uses openssl
0.9.8.0 version and has support of fips. The application listens on a
particular port and for each new connection it creates a separate threads. Each
thread separately invokes SSL APIs like SSL_accept(). I have observed that
during high load (when connection count goes above to 500) the
SSL_accept()fails and gives error ("random number generator:FIPS_RAND:prng
error") after that my application crashes.
If I place mutex for SSL_accept() then I did not find any problem. But it
could affect the performance. I doubt there is some issue because of that
SSL_accept() fails in multithreaded environment during high load. I have also
observed if I disable Fips then my application works without any problem. Is it
any known issues in openssl? Is there any way to avoid such kind of issue?
Regards,
Alok
