[openssl-dev] How to use BIO_do_connect(), blocking and non-blocking with timeout, coping with errors
Salz, Rich
rsalz at akamai.com
Tue Aug 29 14:15:58 UTC 2017
Getting the client connect right appears surprisingly messy when one
needs to cope with all kinds of network error situations including
domain name resolution issues and temporarily unreachable servers.
Both indefinitely blocking and non-blocking behavior (i.e., connection
attempts with and without a timeout) should be supported.
It is a complicated issue and hard to get right for all definitions of right for all applications ☺
A set of API’s that set up all the TLS “metadata”, and took a connected socket might be a way through the maze. For example:
SSL *SSL_connection(int socket, const char *servername, …whatever…)
More information about the openssl-dev
mailing list