On Tue, Dec 05, 2000 at 09:51:02AM -0500, Sudeep Sudhakaran wrote:
> Thanks for the generic information... My client server program works in a
> non-secured environment. If a ssl-client tries to connect, connection is
> accepted for a secured server. But if a non-ssl client connects, the access
> permissions client has will be limited. But both have to connect to the same
> port number because of design criteria.
> Only way I can figure out that this is a non-ssl client is by initiating a
> server handshake. But SSL_Accept function waits till the client initiates a
> handshake and the program hangs right there..
It seems that you have a protocol problem. Your normal (non-ssl) protocol
expects the server to speak first while ssl expects the client to speak
first. There is probably no clean solution to it.
In stunnel they try to provide a similar functionality by guessing, whether
to use (SMTP with SSL tunneling) vs. (STARTTLS extension to SMTP). They
do so by waiting whether there is client input. In this case, SSL is assumed.
This can only be done by waiting for the client to time-out.
You could e.g. perform a select() on the input channel to see, whether the
client sends data. In this case, initiate SSL_accept(). If it did not until a
certain period of time is exceeded, you assume non-SSL and have the server
initiate the non-SSL protocol.
Don't ask me what the Windows replacement for select() is...
Having said this, you should rather fix your protocol or setup to avoid
this problem at all.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
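
The select()-with-timeout approach described in the message above, as an added example that is not part of the original post or of OpenSSL. It goes one step beyond the message by peeking at the client's first bytes, so a plaintext client that happens to speak early is not handed to SSL_accept(); `classify_peer`, the `peer_kind` values and the timeouts are hypothetical names and values chosen for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/select.h>
#include <sys/socket.h>

enum peer_kind { PEER_ERROR = -1, PEER_SILENT = 0, PEER_TLS = 1, PEER_OTHER = 2 };

/* Wait up to timeout_ms for the client to speak first, then peek at (without
 * consuming) its first bytes. Hypothetical helper, not an OpenSSL function. */
enum peer_kind classify_peer(int fd, int timeout_ms)
{
    fd_set rfds;
    struct timeval tv;
    unsigned char hdr[3];
    ssize_t n;
    int rc;

    if (fd < 0 || fd >= FD_SETSIZE) return PEER_ERROR;
    do {                                /* rebuild the arguments on every retry */
        FD_ZERO(&rfds);
        FD_SET(fd, &rfds);
        tv.tv_sec = timeout_ms / 1000;
        tv.tv_usec = (timeout_ms % 1000) * 1000;
        rc = select(fd + 1, &rfds, NULL, NULL, &tv);
    } while (rc < 0 && errno == EINTR);
    if (rc < 0) return PEER_ERROR;
    if (rc == 0) return PEER_SILENT;    /* timeout: server starts the non-SSL protocol */

    n = recv(fd, hdr, sizeof hdr, MSG_PEEK);
    if (n <= 0) return PEER_ERROR;      /* peer closed the connection or recv failed */
    /* SSLv3/TLS record: content type 0x16 (handshake), major version 0x03 */
    if (n >= 2 && hdr[0] == 0x16 && hdr[1] == 0x03) return PEER_TLS;
    /* SSLv2-format ClientHello: length byte with high bit set, message type 1 */
    if (n >= 3 && (hdr[0] & 0x80) && hdr[2] == 0x01) return PEER_TLS;
    return PEER_OTHER;                  /* data arrived but is not a handshake */
}

int main(void)
{
    /* Constructed sample: start of a TLS handshake record, sent over a socketpair. */
    const unsigned char hello[] = { 0x16, 0x03, 0x01, 0x00, 0x05 };
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return 1;
    printf("before client speaks: %d\n", classify_peer(sv[0], 200));
    (void)send(sv[1], hello, sizeof hello, 0);
    printf("after ClientHello:    %d\n", classify_peer(sv[0], 200));
    return 0;
}
```

On `PEER_TLS` the server would call SSL_accept() on the same descriptor; because the bytes were only peeked, the handshake still sees the full ClientHello.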