On Fri, Jan 15, 2010 at 10:57:35AM -0500, Adam Grossman wrote:

> Is there a way I can detect if the incoming connection is not SSL/TLS
> (not encrypted) and then retrieve what has been read in already. I will
> then use standard read/write to handle the unsecure connection? I know
> that sounds like a bad idea, but I have requirements to do this...

If the client's first message is not an SSL HELLO message you could treat the session as plain-text.

Application protocols that support both plain-text and SSL tend to have a "STARTTLS" verb that explicitly initiates the TLS session; that way you always start in plain-text.

If your protocol cannot support explicit STARTTLS, then you could try to auto-detect TLS, which is a bit ugly, but not impossible, provided plain-text messages can never look like an SSL HELLO.

--
Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
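
The auto-detection described in the reply above, as an added example that is not part of the original message and is not OpenSSL code: a classifier for the first bytes a client sends. The helper name `classify_first_bytes` and the enum are hypothetical, and it assumes the plain-text protocol never begins with byte 0x16 or with a byte that has the high bit set.

```c
#include <stddef.h>
#include <stdio.h>

enum first_msg { FIRST_NEED_MORE, FIRST_TLS_HELLO, FIRST_SSLV2_HELLO, FIRST_PLAINTEXT };

/* Classify the bytes seen so far of a client's first message (hypothetical helper). */
enum first_msg classify_first_bytes(const unsigned char *buf, size_t len)
{
    if (len < 1)
        return FIRST_NEED_MORE;
    if (buf[0] == 0x16) {                       /* SSLv3/TLS record type: handshake */
        if (len >= 2 && buf[1] != 0x03)         /* record version, major byte */
            return FIRST_PLAINTEXT;
        if (len >= 3 && buf[2] > 0x04)          /* record version, minor byte */
            return FIRST_PLAINTEXT;
        if (len >= 5) {
            unsigned rec_len = ((unsigned)buf[3] << 8) | buf[4];
            if (rec_len < 4 || rec_len > 16384) /* must hold a handshake header */
                return FIRST_PLAINTEXT;
        }
        if (len < 6)
            return FIRST_NEED_MORE;
        return buf[5] == 0x01 ? FIRST_TLS_HELLO : FIRST_PLAINTEXT; /* ClientHello */
    }
    if (buf[0] & 0x80) {                        /* SSLv2 two-byte record header */
        if (len >= 3 && buf[2] != 0x01)         /* SSLv2 CLIENT-HELLO message type */
            return FIRST_PLAINTEXT;
        if (len < 5)
            return FIRST_NEED_MORE;
        if ((buf[3] == 0x00 && buf[4] == 0x02) || (buf[3] == 0x03 && buf[4] <= 0x03))
            return FIRST_SSLV2_HELLO;           /* offered version 2.0 or 3.x */
        return FIRST_PLAINTEXT;
    }
    return FIRST_PLAINTEXT;                     /* anything else: not a hello */
}

int main(void)
{
    /* Constructed samples, not captured traffic. */
    static const unsigned char tls[]   = { 0x16, 0x03, 0x01, 0x00, 0x2f, 0x01 };
    static const unsigned char plain[] = { 'E', 'H', 'L', 'O', ' ' };
    printf("tls=%d plain=%d\n", (int)classify_first_bytes(tls, sizeof tls),
           (int)classify_first_bytes(plain, sizeof plain));
    return 0;
}
```

On a socket, reading these bytes with `recv()` and the `MSG_PEEK` flag leaves them in the kernel buffer, so either the TLS handshake or the plain-text reader then sees the message from its first byte.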