Hi, and thanks for the reply. Is there a way I can tell the client that my server does not accept renegotiation ?
On Mon, Aug 12, 2013 at 7:40 PM, Wim Lewis <[email protected]> wrote: > > On 11 Aug 2013, at 2:19 PM, Ahmed Charfeddine wrote: > > It has been understood that the concurrent use of SSL_write and SSL_read > is dangerous. > > However, is it correct to assume that the only crossing between these > two APIs happen at the handshake stage only ? > > In other terms, once the SSL handshake stage has been completed, is it > safe to use these two APIs concurrently ? > > > No, this is not a safe assumption. Renegotiations can happen at any time > during the middle of the connection. > > (I assume you are talking about a program which has several threads, one > of which calls SSL_read() and one of which calls SSL_write() ?) > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [email protected] > Automated List Manager [email protected] >
