I believe there is a call to get the raw socket after you accept, but I'm not sure what it is.
In our server, we do all the raw setup first, and then negotiate a secure session after we know the client is capable. We don't use BIOs but there should be a way to get the socket FD either . Dig around in the BIO calls and I bet you'll find it. Dave -----Original Message----- From: Dhoti Walla [mailto:lk2...@gmail.com] Sent: Tuesday, August 16, 2011 1:51 PM To: mclellan, dave; dhotiwa...@gmail.com; openssl-users@openssl.org Subject: Re: FW: noob question on OpenSSL Hi Dave, thank you for your response. setsockopt() and getpeername() both require a socket, but in my SSL code there is no direct access to a socket (at least none that I'm aware of). Here is how my SSL code goes: 1 alloc space for mutex_buf and init all mutexes 2 setup SSL static callbacks 3 setup SSL dynamic callbacks 4 call SSL_library_init() 5 call SSL_load_error_strings() 6 call SSL_CTX_new() 7 call SSL_CTX_load_verify_locations() 8 call SSL_CTX_set_default_verify_paths() 9 call SSL_CTX_use_certificate_chain_file() 10) call SSL_CTX_use_PrivateKey_file() 11) call SSL_CTX_set_verify() 12) call SSL_CTX_set_verify_depth() 13) call SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_SINGLE_DH_USE); 14) call SSL_CTX_set_tmp_dh_callback() 15) call SSL_CTX_set_cipher_list() 16 acc = BIO_new_accept(PORT) // create server socket 17 call BIO_do_accept(acc) // bind server socket 18 call BIO_do_accept(acc) from this code, how do I get a hold of the server socket so I can call setsockopt() on it and and the client socket so I can call getpeername() on it? thanks Dhoti dave.mclel...@emc.com wrote: > My post which answers your question didn't get distributed yet, and I don't > know why. Here was my answer from several hours ago. > > > +-+-+-+-+-+-+ > Dave McLellan, Symmetrix Software I18n Program > EMC Corporation, 176 South St, Hopkinton MA > Mail Stop 176-B1 1/P-36 > office 508-249-1257, fax 508-497-8027 > cell 978-500-2546 > +-+-+-+-+-+-+ > > > > > -----Original Message----- > From: mclellan, dave > Sent: Monday, August 15, 2011 7:28 AM > To: openssl-users@openssl.org > Subject: RE: noob question on OpenSSL > > Hi Dhoti. Neither of those questions relate specifically to OpenSSL, since > these are part of the fundamental networking behaviors. > > 1) Look at the system function setsockopt() for how to set the reuse-address > behavior. You must call this function after creating the socket, but before > calling bind(). > > 2) After a socket is connected, you can obtain the information about the > peer by calling the system function getpeername(), specifying the socket as > input. The sockaddr structure returned will contain the IP address of the > connected peer. > > +-+-+-+-+-+-+ > Dave McLellan, Symmetrix Software I18n/Security Programs > EMC Corporation, 176 South St, Hopkinton MA > Mail Stop 176-B1 1/P-36 > office 508-249-1257, fax 508-497-8027 > cell 978-500-2546 > +-+-+-+-+-+-+ > > > > > -----Original Message----- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dhoti Walla > Sent: Saturday, August 13, 2011 7:01 PM > To: openssl-users@openssl.org > Subject: noob question on OpenSSL > > Hi, > > I've gotten OpenSSL to work for me using examples from the Network > Security with OpenSSL book. > > I've got two questions that I know are very basic - Mr Google was not > very helpful here > > 1) how do I set SO_REUSEADDR option on my OpenSSL server? > > 2) when a client connects to the my server, how can I get the IP address > of the client? > > thanks for all help > Dhoti > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
