This is an automated topic to discuss http://www.metalshell.com/source_code/108/OpenSSL_Server_Example.html. Please keep all replies related to this code example.

SSL_accept is a blocking function. So if a socket connection is made (socket connection accept is non-blocking because of the select), but no SSL_connect is made, the thread will hand because the server do not manage completely non-blocking connection

I am running this example on Ubuntu 8.04

There I had to add this call:
SSLeay_add_ssl_algorithms();
in "void SSLServer::CreateCTX(void)" immediately after:
SSL_load_error_strings();
Else I got nasty error:
23463:error:140A90A1:SSL routines:SSL_CTX_new:library has no ciphers:ssl_lib.c:1456:

Another issue is when I try to connect with mozilla Firefox for the first time and hat to add exception to the certificate, the ./sslserver crashed with segmentation fault.
I fixed it this way in "void *conn_thread(void *ssl)":
cout << "Encryption Description:\n";
if( sslciph ) {
cout << SSL_CIPHER_description(sslciph, cipdesc, sizeof(cipdesc)) << endl;
...
} else {
cout << "*** ERR: Encryption Description BAD!\n";
}

Hi,

I have made some modification to the code. It helps greatly. However, I noticed that there isn't any code that make openssl thread-safe. From mttest.c under openssl examples, it seems that we have to call thread_setup to setup the necessary mutex/locks for openssl to be thread-safe. I have tried to test the server code with multiple threads (in terms of hundreds), and the server failed to received the data correctly. Hope that someone from the forum can help. =)

Regards