On Thu, Jan 30, 2003 at 10:41:08AM -0000, Nigel Spowage wrote:

> my client app calls SSL_renegotiate() and gets a return value of 1
> (success I presume, as I can't find a man page for this
> function). this sets up internal flags in ssl ready to negotiate the
> connection.
>
> I call SSL_do_handshake() and get a return value of 1 (success),
> however, no network traffic is sent, tcpdump/ethereal shows no
> traffic sent at this point.

To guess what is going on, I'd have to know

- whether your application is operating as a client or a server
  (an SSL/TLS client apparently) and

- what protocol version is used.

SSL 2.0 does not have renegotiations. For an SSL 3.0/TLS 1.0 client,
the above sequence of calls looks OK, and SSL_do_handshake() should
send data after you called SSL_renegotiate().

To find out if renegotiation has taken place, you can use
SSL_renegotiate_pending(). This function does not do anything except
returning a boolean value: it becomes true when you call
SSL_renegotiate() and remains true until a new handshake has completed.

A possible explanation for why nothing happens when you call
SSL_do_handshake() would be that a previous SSL_write() operation has
not yet completed. But if, according to SSL_get_error(),
SSL_write() has completed, then for SSL 3.0 and TLS 1.0
SSL_renegotiate() followed by SSL_do_handshake() should send a
ClientHello message.

--
Bodo Möller <[EMAIL PROTECTED]>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036