TheSquad wrote: > Hello everyone, > > I have multithreaded the Handshake of SSL by creating a thread after > each > connection to my server. > the handshake is done on a separate thread. > So there is two question poping up :
I've said it before and I'll say it again -- this is the worst possible way to design a multi-threaded server. Why start out by shooting yourself in the foot? > 1 - How come if I connect to my server with telnet without SSL support, > the > socket hang indefinitely looking for a initiated handshake from the > client. > Is there a way to timeout blocking socket without alarm ? It's hanging indefinitely because you asked it to. A blocking socket operation blocks as long as it takes to complete the operation. If that's not what you want, why did you do it? > 2 - How come when one thread is blocked by SSL_accept, every thread are > also > blocked waiting for the blocking thread to timeout ? Because you asked it to try forever to negotiate the first connection. (At least you can argue this is a defect in OpenSSL, but it's one of a long list of problems you will run into if you use blocking operations in a context where they are not appropriate.) > Any help would be appreciated ! We have looked everywhere for a few > days, > and we can't understand how fix it. Most importantly, use non-blocking operations. Blocking operations are orders of magnitude more trouble than they're worth. They originally existed only to allow code that didn't even realize it was using a socket to sort-of work with sockets. There is no reason to use them in code that knows it's dealing with sockets. Blocking is for code that does one thing at a time (unless you can block in one place on all those things). Ideally, change to a more sensible architecture entirely. Threads are execution vehicles and there is no reason for a thread to wait for work when there's work. There's a reason FedEx doesn't have a plane on the ground at Houston for every place they possibly fly to from there waiting for a package. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org