>> I think I have encountered the same problem. It happens when you have
>> multiple threads doing HTTPS requests simultaneously.
>
>Guys. You talk very low-level libcurl talk. We have the
>curl-library mailing
>list setup especially for that. You'll reach many more fellow libcurl
>programmers there.
>
>I'm cc'ing this reply over there and I trust you take follow-ups
>to that list
>(only).
>

Ooops ! Sorry for that.

>> The problem is that in cURL, this initialisation is protected by
>a static
>> global variable (ssl_seeded in lib/ssluse.c). When many threads start
>> requests at the same time, they all check the ssl_seeded value
>and they all
>> call the random_the_seed() function. What I have done is to toggle the
>> initial value of ssl_seeded to TRUE and to ensure myself that OpenSSL is
>> correctly seeded before doing any request (call RAND_screen()
>for example on
>> Windows). It's not a very good patch but it works.
>
>Hm. Would it suffice for your case if we made the iniy variable a
>true global?
>Or do you have any other suggestions on how to fix this problem the best
>possible way?
>

I don't think it would be sufficient. The problem is that the
random_the_seed() function is called many times until the value of
ssl_seeded switchs to TRUE.
May be it would be possible to call the seeding function at cURL
initialisation (in Curl_SSL_init() for example).
Another idea is to allow only one thread to call the seeding function. Other
threads should wait until seeding is done. But it seems to be more difficult
to do without things like mutex.
I'm not enough easy with cURL internals to be more precise. If I can
contribute a patch, I'll do it.

Anyway, we use cURL library to do HTTP/HTTPS requests in a multi-threaded
application and it works just fine. It's really a very good tool.

Arnaud.
Received on 2005-07-27