Hello,

> I noticed the custom server application I have to
> connect to tends to change connection port after a
> first handshake has been performed.
>
> I disagree with the server application administrator
> who states this is a normal behaviour due to SSL
> renegotiation.

My guess is that this is custom-application specific rather than SSL design.
Something like tftp/tftpd session management in UDP.

> As far as I understand renegotiation should take place
> over the same tcp channel (same source/destination
> ports) of the previous handshake.

SSL renegotiations are performed over an already established TCP/SSL channel.
If you want to test renegotiation from the client's point of view, you may
connect to an SSL server with the openssl command:

  $ openssl s_client -connect ip:port

and after a successful connection enter "R<enter>"; the client will then
trigger renegotiation so you may see the results.
But all of that takes place within the same TCP connection.

Best regards,
-- 
Marek Marcola <[EMAIL PROTECTED]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
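
An added example, not part of the original message: a way to check the point made in the reply from a packet capture, by counting handshakes per TCP 4-tuple using the cleartext TLS record headers. It assumes TLS 1.2 or earlier and already reassembled client-to-server byte streams; the flows, addresses, ports and record payloads are constructed placeholders.

```python
import struct

HANDSHAKE, CHANGE_CIPHER_SPEC, APPLICATION_DATA = 22, 20, 23  # TLS record types

def rec(ctype, payload, version=0x0303):
    """Build one TLS record: type (1 byte), version (2), length (2), payload."""
    return struct.pack("!BHH", ctype, version, len(payload)) + payload

def record_types(stream):
    """Return the content types of the complete TLS records in one TCP byte stream."""
    types, off = [], 0
    while off + 5 <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, off)
        if off + 5 + length > len(stream):
            break  # truncated capture: ignore the partial record
        types.append(ctype)
        off += 5 + length
    return types

def handshakes_per_flow(flows):
    """Count completed handshakes per TCP 4-tuple (one ChangeCipherSpec each)."""
    return {flow: record_types(data).count(CHANGE_CIPHER_SPEC)
            for flow, data in flows.items()}

# Constructed client-to-server bytes; payloads are placeholders, not real TLS messages.
FIRST = (rec(HANDSHAKE, b"ClientHello") + rec(HANDSHAKE, b"ClientKeyExchange")
         + rec(CHANGE_CIPHER_SPEC, b"\x01") + rec(HANDSHAKE, b"<encrypted Finished>"))
RENEG = (rec(HANDSHAKE, b"<encrypted ClientHello>") + rec(HANDSHAKE, b"<encrypted CKE>")
         + rec(CHANGE_CIPHER_SPEC, b"<encrypted>") + rec(HANDSHAKE, b"<encrypted Finished>"))
DATA = rec(APPLICATION_DATA, b"<encrypted data>")

# Constructed flows keyed by (client IP, client port, server IP, server port).
FLOWS = {
    ("192.0.2.10", 50000, "198.51.100.5", 4433): FIRST + DATA + RENEG + DATA,
    ("192.0.2.10", 50001, "198.51.100.5", 4433): FIRST + DATA,
    ("192.0.2.10", 50002, "198.51.100.5", 5000): FIRST + DATA,
}

if __name__ == "__main__":
    for flow, count in handshakes_per_flow(FLOWS).items():
        note = "renegotiated in place" if count > 1 else "single handshake"
        print(flow, count, note)
```

A renegotiation shows up as a second handshake inside one flow; a move to another port shows up as a separate flow with its own first handshake, which is application behaviour rather than renegotiation.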