[openssl-users] Means to update read bio only
Susan Hinrichs
shinrich at ieee.org
Fri Feb 6 15:48:36 UTC 2015
Hello,
In Apache Traffic Server we are primarily using SSL_accept and
SSL_read/SSL_write with file descriptor bios.
But during the handshake, we need to feed in our own packets via
read-only buffers. We use the BIO mem_buf to pass along this data
without incurring another copy. But on each read during the handshake,
we need to reset the read bio. We leave the write bio as the file
descriptor bio the whole time.
I originally tried to use SSL_set_bio(ssl, new_rbio, SSL_get_wbio(ssl)),
but that would adjust the output buffering and the handshake would not
complete.
So we created a SSL_set_rbio(ssl, new_rbio), that just frees the old
rbio and sets the new one. It leaves the wbio and the bbio alone.
This has worked well for us for a couple releases, but looking forward
to openssl 1.1, we will no longer be able to use this approach. Can
someone point me to the preferred way of updating a read bio without
affecting the write bio processing?
Thanks,
Susan
More information about the openssl-users
mailing list