[openssl-users] Async BIO

Alfred E. Heggestad aeh at db.org
Fri May 20 07:55:35 UTC 2016



On 19/05/16 23:02, Victor_Webber at DellTeam.com wrote:
> Has anyone implemented the asynchronous version of the SSL_xxx().   It is nice to see that they appear to be supported, but I would like to know if anyone has
> actually implemented an application which uses the asynch version of the calls.
>
>
> I looked at the source, and there were a few niche areas where there were some shortcomings in handling a completely non-blocking implementation.
>

Hi Victor,


we have been using the async BIO interface of OpenSSL for a long time
now, in the libre protocol stack project [1]. main usage of OpenSSL
is TLS/DTLS for application level protocols such as SIP and HTTPS.


it is important and to use the CRYPTO locking api if the application
is multithreaded, and to clear the global error queue by calling
ERR_clear_error() in case of ANY errors (otherwise the next function
call might return that error and it becomes impossible to debug).


after this was implemented properly, we have not have a single
crash in many months. The applications using this code varies
from embedded systems to large scale servers.



/alfred

[1] http://www.creytiv.com/re.html



More information about the openssl-users mailing list