> On Oct 10, 2016, at 3:52 AM, Ajay Garg <ajaygargn...@gmail.com> wrote:
>
> If(BIO_should_read(socket->ssl_bio) != 0)
>
> If(BIO_should_write(socket->ssl_bio) != 0)
In Postfix, we don't bother with the application layer ssl_bio,
and just do SSL_read()/SSL_write() directly. You only need this
if you specifically want a BIO API to SSL.
> With this, I could get the entire end-to-end workflow to work !!!!
You might not be done yet. Is the client verifying the server
certificate including name checks? Just doing TLS, without
certificate checks, only protects against passive attacks.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
