From the previous correspondance it's actually increasing in time over multiple signs. Which almost sounds like a /dev/random blocking until it has enough entropy to provide some bits?
That'll teach me to even (especially?) read up on C++ threads before putting in a couple cents :-)
There are 2 /dev/randoms on Linux (and maybe on other platforms as well) one is called /dev/random and one is /dev/urandom. /dev/random is the true random number generator, which does block waiting for more bits to come along. /dev/urandom is a pseudo random number generator which frequently reseeds itself from /dev/random.
So if /dev/random is the only source of randomness for openssl then it's definately possible that that's happening.
If you can configure this somewhere.. try setting it to /dev/urandom (if on Linux) and see if that solves your problems.
Of course there are other things it could be as well, so I'm just putting theories at the moment :>.
waiting for /dev/random seems a plausible theorie at the moment.
Erwin
