A simpler question might be (hopefully): after I call "SSL_accept", is there a way to retrieve all the raw data which was read in by SSL_accept?

thanks,
-=- adam grossman

On Fri, 2010-01-15 at 11:51 -0500, Victor Duchovni wrote:
> On Fri, Jan 15, 2010 at 10:57:35AM -0500, Adam Grossman wrote:
>
> > Is there a way I can detect if the incoming connection is not SSL/TLS
> > (not encrypted) and then retrieve what has been read in already. I will
> > then use standard read/write to handle the unsecure connection? I know
> > that sounds like a bad idea, but I have requirements to do this...
>
> If the client's first message is not an SSL HELLO message you could
> treat the session as plain-text.
>
> Application protocols that support both plain-text and SSL, tend to
> have a "STARTTLS" verb, that explicitly initiates the TLS session,
> that way you always start in plain-text.
>
> If your protocol cannot support explicit STARTTLS, then you could
> try to auto-detect TLS, which is a bit ugly, but not impossible,
> provided plain-text messages can never look like an SSL HELLO.
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org
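
The auto-detection discussed in this thread, as an added example that is not part of the original messages and is not OpenSSL code: it inspects the client's first bytes with `recv(..., MSG_PEEK)`, which leaves them in the socket buffer, so either `SSL_accept` or plain `read` then sees the stream from its first byte. The names `classify_first_bytes`, `peek_first_msg` and the `first_msg` enum are hypothetical, and the check assumes, as the reply requires, that the plain-text protocol never starts with bytes that look like an SSL HELLO.

```c
#include <stddef.h>
#include <sys/types.h>
#include <sys/socket.h>

enum first_msg {
    FIRST_NEED_MORE,     /* too few bytes to decide yet */
    FIRST_TLS_HELLO,     /* SSLv3/TLS record carrying a ClientHello */
    FIRST_SSL2_HELLO,    /* SSLv2-format CLIENT-HELLO */
    FIRST_PLAINTEXT,     /* does not look like an SSL HELLO */
    FIRST_EOF_OR_ERROR   /* peer closed the connection, or recv() failed */
};

/* Classify the first n bytes a client sent (hypothetical helper). */
enum first_msg classify_first_bytes(const unsigned char *b, size_t n)
{
    if (n == 0)
        return FIRST_NEED_MORE;
    if (b[0] == 0x16) {                  /* record type 22: handshake */
        if (n >= 2 && b[1] != 0x03)      /* record version major must be 3 */
            return FIRST_PLAINTEXT;
        if (n < 6)
            return FIRST_NEED_MORE;
        /* 5-byte record header, then handshake type; 1 = ClientHello */
        return b[5] == 0x01 ? FIRST_TLS_HELLO : FIRST_PLAINTEXT;
    }
    if (b[0] & 0x80) {                   /* SSLv2 two-byte length header */
        if (n < 3)
            return FIRST_NEED_MORE;
        /* byte 2 is the SSLv2 message type; 1 = CLIENT-HELLO */
        return b[2] == 0x01 ? FIRST_SSL2_HELLO : FIRST_PLAINTEXT;
    }
    return FIRST_PLAINTEXT;
}

/* Peek at a connected socket without consuming any data. A single recv()
 * may return fewer than 6 bytes, in which case the result is
 * FIRST_NEED_MORE and the caller should wait for more data and peek again. */
enum first_msg peek_first_msg(int fd)
{
    unsigned char buf[6];
    ssize_t n = recv(fd, buf, sizeof buf, MSG_PEEK);

    if (n <= 0)
        return FIRST_EOF_OR_ERROR;
    return classify_first_bytes(buf, (size_t)n);
}
```

On `FIRST_TLS_HELLO` or `FIRST_SSL2_HELLO` the descriptor can be handed to `SSL_set_fd` and `SSL_accept` as usual; on `FIRST_PLAINTEXT` the server reads from the same descriptor directly.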