The only way to do this is to have the kernel break out the alerts and send them to openssl separately. (I have to wonder why you're doing it this way, and how you're preventing several SSL toolkits running simultaneously from killing the connection when they increment the sequence number independently...)
-Kyle H On 7/5/06, Gayathri Sundar <[EMAIL PROTECTED]> wrote:
Thanks david..let me add more clarity to my requirement... Is there someway for the application to know before calling ssl_read, that some app data buffer can be got for sure? Or can SSL_peek prevent me from hitting the case you have mentioned? The reason is we are in a scenerio wherein all ssl control pkts are gonna be processed from userspace using openssl and all app data pkts are gonne be processed from kernel using our own ssl implementation. So when userspace openssl does manage to read app data, I need to ensure that whatever it has cached (add data bytes), has to be cleared and copied into our ssl library in kernel, so that it can wait for the remaining bytes and do the decryption. So in a crux, what can I do to ensure that openssl does not read app data pkts at all.. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of David Schwartz Sent: Thursday, July 06, 2006 11:05 AM To: openssl-users@openssl.org Subject: RE: Does Openssl cache App data -- 2nd Try.. > My requirement is that I dont want SSL to cache any bytes whatsoever. > Thanks > --Gayathri That sounds like a nonsensical requirement. Suppose OpenSSL is called to read some data. It calls 'read' and gets part of a record containing application-level data but too little data to return any data to the application (less than one block, so it cannot decrypt). What would you like OpenSSL to do if not cache the data until it can decrypt it? DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
