OpenSSL is thread safe in general, but it doesn't guarantee anything for the same object - working with the same BIO/SSL_CTX from multiple threads is not safe at all. It leads to being unable to read/write from the same SSL socket from 2 coroutines (unlike TCP socket - you CAN read/write from 2 coroutines simultaneously at the same time).

WolfSSL seems to provide the needed guarantees. We need its support, probably via OpenSSL compatability layer.