On Thu, 27 Jan 2022 at 17:40, Phil Smith III <[email protected]> wrote: [...] > AT-TLS is cool, but not when you didn't ask for it. I had assumed that it > was integrated into GSK and/or TCP/IP such that this scenario would be > impossible. If it were, then presumably a gsk_environment_init() would keep > AT-TLS from kicking in, or cause a meaningful error. Not blaming IBM-this is > a user error, and I made an assumption that, while plausible, just isn't > correct.
What you can do, regardless of whether you *think* you're using AT-TLS or not, is to get the socket status using ioctl() with one of the SIOCTTLSCTL requests. This can tell you all kinds of stuff, but most basically you can see if the connection is secured (or will be if all goes well) by AT-TLS. It doesn't hurt to inquire. There are three kinds of AT-TLS application: passive (i.e. know nothing of AT-TLS), aware, and controlling, with not a hard line between the latter two. We wrote code in one product that makes inquiries into the connection state, and *may* take on controlling aspects if it sees the need, and otherwise just reports on the state of affairs. It can certainly help debugging to log everything you can find to ask about early in your socket processing. Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
