On Mon, Oct 10, 2016 at 1:31 PM, Viktor Dukhovni <openssl-us...@dukhovni.org > wrote:
> > > On Oct 10, 2016, at 3:52 AM, Ajay Garg <ajaygargn...@gmail.com> wrote: > > > > If(BIO_should_read(socket->ssl_bio) != 0) > > > > If(BIO_should_write(socket->ssl_bio) != 0) > > In Postfix, we don't bother with the application layer ssl_bio, > and just do SSL_read()/SSL_write() directly. You only need this > if you specifically want a BIO API to SSL. > > > With this, I could get the entire end-to-end workflow to work !!!! > > You might not be done yet. Is the client verifying the server > certificate including name checks? Just doing TLS, without > certificate checks, only protects against passive attacks. > Thanks Viktor. I will add this "enhancement", once I complete the code, in a manner that is portable across "any" device. Please expect a few questions from me on other threads :P Thanks and Regards, Ajay > > -- > Viktor. > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -- Regards, Ajay
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
