All geek questions in one place

Multithreading with OpenSSL

I use OpenSSL to communicate with the server. I can send data to the server at any time, and the server may or may not be able to send a response. The server can also send data to the client without a request.

I use SSL through a BIO created using BIO_new_ssl_connect, and then using SSL_read and SSL_write.

My first approach was to use blocking sockets. I would start the thread and call SSL_read on it in a loop. Each call is blocked and returned only when reading some data. After each call, I can then pack the data and send it somewhere. When I have to write, I just call SSL_write from another thread.

I cannot figure out if it is valid to call SSL_write when doing SSL_read on the same connection from different threads. SSL_read failed while trying to disconnect (SSL_free / BIO_free) connection.

Are these calls from different threads appropriate? If not, is there a better approach to this problem (which seems very common)?

Can non-blocking sockets work better?

EDIT: Unfortunately, I had to add that I already implemented secure thread blocking, as described in the OpenSSL documentation.

+4
source share
1 answer

The OpenSSL library may be thread safe, but you must ensure that you commit the primitives yourself. From the OpenSSL FAQs :

OpenSSL, CRYPTO_set_locking_callback() CRYPTO_set_id_callback() OpenSSL 0.9.8 [abc...]. 1.0.0, CRYPTO_set_id_callback() API CRYPTO_THREADID_set_callback() . threads(3) manpage.

SSL_free(), SSL_read(), . , , API. SSL_read() SSL_write() . SSL_CTX *, , , SSL_free(), , , , OpenSSL - , SSL_CTX * - , .

, , . BIO, .

. , . , , SSL_free().

, , , , , . OpenSSL , BSD-. , "" OpenSSL , OpenSSL . , , (, ). , OpenSSL , , , "". , , , , , OpenSSL.

+6

Source: https://habr.com/ru/post/1526282/

More articles:


All Articles