Client initiates the TCP connection, Server listens for TCP connection. Client takes on 'TLSServer' role, Server takes on 'TLSClient' role. This does exactly what you're looking to do, without having to change the protocol. (The TLSServer can send a ClientHelloRequest to inform the other side that it expects it to be the TLSClient.)
-Kyle H On Mon, May 18, 2009 at 9:14 PM, Neetu Agrawal <agrawal.nee...@gmail.com> wrote: > Thanks for suggestion but may be i didnt put my query in right way . I want > that client initiate the request and server listen the request but the > roles of server and client get exchanged during the key genration to > offload the server from key decryption operation. > On Mon, May 18, 2009 at 11:23 PM, Victor Duchovni > <victor.ducho...@morganstanley.com> wrote: >> >> On Mon, May 18, 2009 at 10:24:55AM -0700, Kyle Hamilton wrote: >> >> > 'reverse SSL'? >> > >> > You get the OpenSSL source code from http://www.openssl.org/source/ . >> > You can 'exchange' the role of client and server by having the client >> > connect a TCP session to the listener and then passing that descriptor >> > to a properly-setup SSL context with SSL_server_method, and the >> > listener pass its descriptor to an SSL context with SSL_client_method. >> >> In other words, the TCP initiator and passive listener are not necessarily >> also the SSL client and server respectively. An application protocol is >> free to nominate the TCP acceptor as the SSL initiator (client) and the >> TCP initiator as the SSL server. >> >> This is not "reverse" SSL, it is just ordinary SSL, with an SSL client >> and an SSL server, where the SSL server initiates the *TCP* connection >> to the SSL client. >> >> -- >> Viktor. >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
