[openssl-users] Getting the retry reason for a "failed" BIO_write/BIO_read
ajaygargnsit at gmail.com
Mon Oct 10 09:17:54 UTC 2016
On Mon, Oct 10, 2016 at 1:31 PM, Viktor Dukhovni <openssl-users at dukhovni.org
> > On Oct 10, 2016, at 3:52 AM, Ajay Garg <ajaygargnsit at gmail.com> wrote:
> > If(BIO_should_read(socket->ssl_bio) != 0)
> > If(BIO_should_write(socket->ssl_bio) != 0)
> In Postfix, we don't bother with the application layer ssl_bio,
> and just do SSL_read()/SSL_write() directly. You only need this
> if you specifically want a BIO API to SSL.
> > With this, I could get the entire end-to-end workflow to work !!!!
> You might not be done yet. Is the client verifying the server
> certificate including name checks? Just doing TLS, without
> certificate checks, only protects against passive attacks.
I will add this "enhancement", once I complete the code, in a manner that
is portable across "any" device.
Please expect a few questions from me on other threads :P
Thanks and Regards,
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users