[openssl-users] Means to update read bio only
Susan Hinrichs
shinrich at ieee.org
Mon Feb 9 15:15:00 UTC 2015
On 2/7/2015 8:33 AM, Matt Caswell wrote:
>
> On 06/02/15 21:46, Matt Caswell wrote:
>>
>> On 06/02/15 15:48, Susan Hinrichs wrote:
>>> Hello,
>>>
>>> In Apache Traffic Server we are primarily using SSL_accept and
>>> SSL_read/SSL_write with file descriptor bios.
>>>
>>> But during the handshake, we need to feed in our own packets via
>>> read-only buffers. We use the BIO mem_buf to pass along this data
>>> without incurring another copy. But on each read during the handshake,
>>> we need to reset the read bio. We leave the write bio as the file
>>> descriptor bio the whole time.
>>>
>>> I originally tried to use SSL_set_bio(ssl, new_rbio, SSL_get_wbio(ssl)),
>>> but that would adjust the output buffering and the handshake would not
>>> complete.
>>>
>>> So we created an SSL_set_rbio(ssl, new_rbio), that just frees the old
>>> rbio and sets the new one. It leaves the wbio and the bbio alone.
>>>
>>> This has worked well for us for a couple releases, but looking forward
>>> to openssl 1.1, we will no longer be able to use this approach. Can
>>> someone point me to the preferred way of updating a read bio without
>>> affecting the write bio processing?
>>
>> Hmmmm... that's a good question. I don't think you can set just the rbio
>> by itself.
>>
>> I wonder if maybe we extended SSL_set_bio, so that you could do this:
>>
>> SSL_set_bio(s, rbio, NULL);
>>
>> I'll look into it.
>>
>> This would be a good item to add to Rich's wiki page.
>>
> I've just pushed a new commit to master (1.1.0), that adds SSL_set_rbio,
> and SSL_set_wbio as new API functions along with some associated
> documentation.
>
> Matt

Great! Thanks for the addition. I'll take it for a spin.