On 2/7/2015 8:33 AM, Matt Caswell wrote:
On 06/02/15 21:46, Matt Caswell wrote:
On 06/02/15 15:48, Susan Hinrichs wrote:
Hello,
In Apache Traffic Server we are primarily using SSL_accept and
SSL_read/SSL_write with file descriptor bios.
But during the handshake, we need to feed in our own packets via
read-only buffers. We use the BIO mem_buf to pass along this data
without incurring another copy. But on each read during the handshake,
we need to reset the read bio. We leave the write bio as the file
descriptor bio the whole time.
I originally tried to use SSL_set_bio(ssl, new_rbio, SSL_get_wbio(ssl)),
but that would adjust the output buffering and the handshake would not
complete.
So we created a SSL_set_rbio(ssl, new_rbio), that just frees the old
rbio and sets the new one. It leaves the wbio and the bbio alone.
This has worked well for us for a couple releases, but looking forward
to openssl 1.1, we will no longer be able to use this approach. Can
someone point me to the preferred way of updating a read bio without
affecting the write bio processing?
Hmmmm... that's a good question. I don't think you can set just the rbio
by itself.
I wonder if maybe we extended SSL_set_bio, so that you could do this:
SSL_set_bio(s, rbio, NULL);
I'll look into it.
This would be a good item to add to Rich's wiki page.
I've just pushed a new commit to master (1.1.0), that adds SSL_set_rbio,
and SSL_set_wbio as new API functions along with some associated
documentation.
Matt
Great! Thanks for the addition. I'll take it for a spin.
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
