To follow up my previous quoting of the FAQ: You create the SSL_CTX with SSL_CTX_new(), listen() on the appropriate port, then accept() the connection, which gives you a file descriptor. Spawn a thread to handle that descriptor. Use SSL_new(SSL_CTX *) to generate a new SSL structure, and then use SSL_set_fd() to associate the thread-specific file descriptor with it. When you're done with it (i.e., after using SSL_shutdown()), use SSL_free() to completely free all aspects of the SSL structure before terminating the thread. Do not use SSL_clear().
-Kyle H On Wed, Aug 20, 2008 at 5:34 AM, vinni rathore <[EMAIL PROTECTED]> wrote: > Hello everyone, > > I am working with a VPN server and using openssl APIs to handle SSL on > Linux machine. > My server work fine with single client but it shows the segmentation > fault when i test it > with multiple clients. > > I have different threads in my server handling different > functionalities. Read and write threads are working > simultaneously sharing the same SSL structure. > The structure of my server is.. > > 1- initializing the openssl library. > 2. Context setup(certificates etc). > 3. TCP connection. > 4. SSL_new(ctx) > 5. ssl_set_fd.. > 6. ssl_accept(..) > 7. Result of the certificate verification... > 8. Starting the threads...Read and write.. > 9. Successful disconnection request from any of the connected client, > i am freeing the object memory of that particular connection.. > using SSL_clear(..)let pssl[j] so SSL_clear(pss[j]). > but i am not able to check whether pssl[j] as been freed or not.. > is there any way to check the structure values after SSL_clear(..) > I can not NULL the structure as i need rest of the ssl values that are > initialized during the start of the program.. > Or is it possible to use SSL_free() and then again reinitialize all > the SSL structure... with all values it needed... > > > Could anyone please suggest me how to use SSL structure for multiple > clients..?? > Waiting for the reply... > > Thanx in advance... > > -- > regards, > Vineeta Kumari > Software engg > Mobera Systems > Chandigarh > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [email protected] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
