I know it's been talked about many times before, and I've read thru the archives, but I still don't quite get it. If I want to use I/O completion ports on Windows, I can perform the I/O as I normally would. But after reading the encrypted data off the socket, I write it to one end of the bio pair (the external bio), and then read from the other end (internal) which will give me unencrypted data. Similarly, if I want to write, I write to the unencrypted data to internal end of the bio pair, then read from the external end to get the encrypted data which is then written out to the socket. Does that sound right?
Would the pseudo-code for this look something like this (on the read end):
BIO* internal_bio = 0;
BIO* network_bio = 0;
BIO_new_bio_pair(&internal_bio, 4096, &network_bio, 4096);
SSL_set_bio(ssl, internal_bio, internal_bio);
SSL_set_connect_state(ssl);
BIO_set_ssl(internal_bio, ssl, BIO_NOCLOSE);
unsigned char readbuf[4096]; // buffer to hold encrypted data read off the socket
int iRead = recv(sock, readbuf, sizeof(readbuf), 0); // read the encrypted data off the socket
BIO_write(network_bio, readbuf, iRead); // write the encrypted data to the external end of the bio pair
cnsigned char unencrypted[4096]; // buffer to hold unencrypted data read off the internal bio
BIO_read(internal_bio, unencrypted, sizeof(unencrypted)); // read from the internal end to get the data unencrypted
