Boost logo

Boost :

Subject: Re: [boost] [ASIO] async SSL operations unnecessary serialized?
From: Lars Viklund (zao_at_[hidden])
Date: 2012-09-15 07:46:00

On Fri, Sep 14, 2012 at 11:06:43PM +0200, Michał Madziar wrote:
> Hello all.
> It looks like all openssl_operation handlers are synchronized on
> io_service allowing only one connection to be processed at the a time.
> As I understand this orginated from the time when libopenSSL didn't
> support multi-threaded applications, but it slows down everything a lot.

It's not long ago someone had a long rant on the IRC channel about the
insanity of not serializing OpenSSL operations, as it's "well known"
that it's not generally thread-safe.

> Adding locking function, and getting rid of strand_->wrap in lines 320,
> 385 in file boost/asio/ssl/detail/openssl_operation.hpp allows SSL
> connections to be used in multiple threads simultaneously solving the
> problem. Or do I miss something?
> I've attached simple line-based echo server which demonstrates the problem:
> openssl s_client -connect localhost:10001 #x 2
> telnet localhost 10000 #x 2
> After sending something in each connection TCP and one SSL work in
> parallel, second SSL waits with receiving until first one finishes it's
> write. After patching all connections work in parallel.

Since which OpenSSL version is this supposed universal lock feature?

What kind of macros exist to test the existence of this feature and
whether it's enabled?

Do you need some particular flags to your program to enable a
threading-enabled OpenSSL?

What about libraries that are interface-compatible with OpenSSL?

Just changing things based on what some bleeding-edge version may
support sounds a bit eager, particularly considering that many
environments may ship rather old and stable ones which are quite a
bother to replace safely.

Lars Viklund | zao_at_[hidden]

Boost list run by bdawes at, gregod at, cpdaniel at, john at