[openssl-users] Fwd: Information to detach a BIO from fd

Michael Richardson mcr at sandelman.ca
Sat Jan 13 21:33:46 UTC 2018


Priscilla Hero <grace.priscilla at gmail.com> wrote:
    > Hi Michael, Without doing ssl_accept on the ssl will getpeername work?

ssl_accept() processes the packets on the socket.
getpeername() on a (Unix) socket will always work.

However, getpeername() on a UDP socket won't produce anything unless the
socket was connect(2)'ed. In order to get the address of the remote system
one has to get it when receiving the packet.

That's why: https://github.com/mcr/openssl/commit/f764151782b4b32a752b4016336c0ceafa98ed5c
retrieves the peer name from the BIO.

    > On 12-Jan-2018, at 6:45 PM, Michael Wojcik
    > <Michael.Wojcik at microfocus.com> wrote:
    >> Don't create the BIO immediately. Use getpeername on the socket
    >> descriptor and check that against the list. Only create a new SSL
    >> object and BIO if it's not an already-established client.

That only works with TCP.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
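
The getpeername() behaviour described in this message, as an added example that is not part of the original post or of OpenSSL: a constructed loopback exchange in which getpeername() fails on an unconnected UDP socket, recvfrom() supplies the sender's address, and getpeername() works once the socket is connect(2)'ed. The names `udp_peer_demo`, `bound_udp`, `same_addr`, `peer_result` and `SA` are hypothetical, and `udp_peer_demo` returns 0 when the exchange ran.

```c
#include <errno.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define SA(p) ((struct sockaddr *)(p))
struct peer_result { int before_errno, from_matches, after_matches; };

/* UDP socket bound to 127.0.0.1 on an ephemeral port; *a receives the address. */
static int bound_udp(struct sockaddr_in *a) {
    socklen_t len = sizeof(*a);
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    memset(a, 0, sizeof(*a));
    a->sin_family = AF_INET;
    a->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (fd >= 0 && bind(fd, SA(a), len) == 0 && getsockname(fd, SA(a), &len) == 0)
        return fd;
    if (fd >= 0) close(fd);
    return -1;
}

static int same_addr(const struct sockaddr_in *a, const struct sockaddr_in *b) {
    return a->sin_port == b->sin_port && a->sin_addr.s_addr == b->sin_addr.s_addr;
}

int udp_peer_demo(struct peer_result *r) {
    struct sockaddr_in sa, ca, from, peer;
    socklen_t flen = sizeof(from), plen = sizeof(peer);
    char buf[16];
    int srv = bound_udp(&sa), cli = bound_udp(&ca), ok = -1;
    memset(r, 0, sizeof(*r));
    if (srv < 0 || cli < 0 || sendto(cli, "hello", 5, 0, SA(&sa), sizeof(sa)) != 5)
        goto out;
    /* Unconnected UDP socket: the kernel holds no peer, so this fails. */
    if (getpeername(srv, SA(&peer), &plen) < 0) r->before_errno = errno;
    /* The sender's address is only available from the receive call itself. */
    if (recvfrom(srv, buf, sizeof(buf), 0, SA(&from), &flen) != 5) goto out;
    r->from_matches = same_addr(&from, &ca);
    /* Once connect(2)'ed to that address, getpeername() reports it. */
    plen = sizeof(peer);
    if (connect(srv, SA(&from), flen) == 0 && getpeername(srv, SA(&peer), &plen) == 0)
        r->after_matches = same_addr(&peer, &ca);
    ok = 0;
out:
    if (srv >= 0) close(srv);
    if (cli >= 0) close(cli);
    return ok;
}
```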
