Nelson, Thanks for the information, it helps to understand better the internals of the SSL/TLS implementation and the reasons behind them.
I resolved the problem, one part of it was that I, as you said, wasn't releasing the XmitBufLock at one place, but I didn't see that code path previously. The other part wasthat I was sending an alert accidentally, when I should have just returned with SECSuccess from the function. The 'desc' variable hadn't been initialized, so this was causung the strange SSL Alert description. I think I know what functions need to hold what locks, at least for the functions that I need to use right now. Are there any examples of locks and functions, such that you cannot hold that lock when you call that function? I think I stumbled upon an example and I meant to ask about it, but I can't seem to find it anymore. I thought that TCP, being a byte-oriented protocol, just waited until it gets from the Application layer enough bytes for a TCP segment and then sent the whole segment. I guess some TCP implementations send data immediately to decrease the end-to-end delay. Regards, Peter _______________________________________________ mozilla-crypto mailing list mozilla-crypto@mozilla.org http://mail.mozilla.org/listinfo/mozilla-crypto