Martin Domke wrote: > Do I have to protect the SSL object on my own from concurrent access?
Yes, you do. If you didn't that's your problem. Both SSL_read and SSL_write are logically modification operations on the SSL object (because they can change its state). You cannot perform a modification operation in two threads at the same time on the same object. It is a fairly common misunderstanding that the various ID and lock callbacks provide some extra level of thread safety. In fact, they are required for *any* multi-threaded application that wishes to use OpenSSL to provide basic threading sanity. However, there is no "extra" thread safety. You still must follow the normal rules. (Multiple operations that are logically read operations are safe on the same or different objects. A logical modification operation on one object can overlap a logical read operation on another operation. A logical read operation cannot overlap a modification operation for that same object. And so on.) The locks are required because some operations that are logically read operations are internally modification operations. OpenSSL has to implement its own locking to make this work. (The same way, for example, a reference-counted, copy-on-write, string library would do it.) DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
