sounds good I will try that thanks,
Perry
mclellan, dave wrote:
The SSL socket and the raw socket are not two different physical
descriptors. By using SSL_set_fd you are merely associating the file
descriptor with the higher level SSL protocol. SSL needs the physical socket
you created to do its own I/O on.
My application (previously non-SSL enabled, we added SSL to it) has exactly
the same configuration: a socket produced by a regular socket() or accept()
call, which is then linked to an SSL session. But the original descriptor
must not be closed, as far as I know.
you could do some encapsulation of the socket descriptor and the SSL
session. Or: you don't have to remember the socket descriptior until close
time: you can use SSL_get_fd() call to retrieve the descriptor at that time;
then you call close() with the retrieved value. I haven't tried this but it
looks like it will work.
like perhaps:
newSocket = accept();
newSSLSocket = NewSSLSocket();
SSL_set_fd( newSSLSocket, newSocket );
....
..... do stuff with SSL socket
s = SSL_get_fd(newSSLsocket);
SSL_shutdown( newSSLScoket);
close( s );
Dave
Dave McLellan --Consulting Software Engineer - SPEA Engineering
EMC Corporation
228 South St. Mail Stop: 228 LL/AA-24
Hopkinton, MA 01748 USA
+1-508-249-1257 F: +1-508-497-8030 [EMAIL PROTECTED]
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Perry L. Jones
Sent: Friday, November 18, 2005 10:09 AM
To: openssl-users@openssl.org
Subject: SSL_set_fd Question
hello,
In my code I have a normal socket and I am using SSL_set_fd to turn it
into an SSL socket. After I have make it an SSL socket I no longer need
or want to the original socket. I have tried closing it after the
SSL_set_fd but this make the SSL socket no good.
What I want is to have only one socket reference to manage and close
when my process is done. I don't want to keep track of both the normal
socket and the SSL socket for closing in the end. I have tried closing
the SSL socket after it has been set but this does not close the
original socket.
Currently working code flow:
newSocket = accept();
newSSLSocket = NewSSLSocket();
SSL_set_fd( newSSLSocket, newSocket );
....
..... do stuff with SSL socket
SSL_shutdown( newSSLScoket)
close( newSocket );
I would like a flow like this if possible ( this flow does not work I am
not allowed to close the original socket):
newSocket = accept();
newSSLSocket = NewSSLSocket();
SSL_set_fd( newSSLSocket, newSocket );
close( newSocket );
....
..... do stuff with SSL socket
SSL_shutdown( newSSLScoket);
I would welcome any suggestions.
Thanks,
Perry
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
