> What I would like to do is to use OpenSSL's normal functionality, but
> without encapsulation of the actual operation of sending messages.
> Instead I would like all messages "forged" by OpenSSL - including
> handshake messages - to be sent back up to my module (which would be
> implemented in the Oz language I mentioned in my original post). Then
> the data would be sent across the "high level" structured peer-to-peer
> network in a reliable way, and the reverse operation run on the other end.

I recommend using BIO pairs for this purpose. There's example code in
ssltest.c. Basically, your code then does 4 things:

1) When you have unencrypted data to send, you hand it to OpenSSL.
2) When OpenSSL has encrypted data to send, you grab it from OpenSSL.
3) When you receive encrypted data from the other side, you hand it to OpenSSL.
4) When OpenSSL has decrypted data to give, you grab it from OpenSSL.

The trick is to understand that these operations will not always appear
logically related. For example, you may hand some unencrypted data to
OpenSSL and it will not have any encrypted data ready for you to send yet.
Or you may receive some encrypted data, hand it to OpenSSL, and then find
there is no unencrypted data for you.

DS
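
The four operations from the reply above, as an added example that is not part of the original message or of ssltest.c. It uses Python's `ssl.MemoryBIO` and `wrap_bio` (OpenSSL memory BIOs) in place of the C BIO pair; `TlsEndpoint`, `demo` and the host name `peer.example` are hypothetical names chosen for illustration.

```python
import ssl

class TlsEndpoint:
    """One TLS endpoint that never touches a socket (hypothetical helper)."""

    def __init__(self, ctx, server_hostname):
        self.incoming = ssl.MemoryBIO()   # ciphertext: peer -> OpenSSL
        self.outgoing = ssl.MemoryBIO()   # ciphertext: OpenSSL -> peer
        self.tls = ctx.wrap_bio(self.incoming, self.outgoing,
                                server_hostname=server_hostname)
        self.handshaken = False
        self.pending_plain = bytearray()  # plaintext waiting for the handshake

    def _progress(self):
        if not self.handshaken:
            try:
                self.tls.do_handshake()
            except ssl.SSLWantReadError:
                return  # OpenSSL needs more bytes from the peer first
            self.handshaken = True
        if self.pending_plain:
            sent = self.tls.write(bytes(self.pending_plain))
            del self.pending_plain[:sent]

    def send_plain(self, data):       # operation 1: plaintext in
        self.pending_plain += data
        self._progress()

    def take_encrypted(self):         # operation 2: ciphertext out
        return self.outgoing.read()   # carry these bytes over your own network

    def feed_encrypted(self, data):   # operation 3: ciphertext in
        self.incoming.write(data)
        self._progress()

    def take_plain(self):             # operation 4: plaintext out
        if not self.handshaken:
            return b""
        try:
            return self.tls.read(16384)
        except ssl.SSLWantReadError:
            return b""

def demo():
    client = TlsEndpoint(ssl.create_default_context(), "peer.example")
    client.send_plain(b"hello")              # no ciphertext for this data yet
    first = client.take_encrypted()          # only the ClientHello record
    client.feed_encrypted(b"\x16\x03\x03")   # constructed: partial record header
    return first, client.take_plain(), client.take_encrypted()
```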