Thanks. I wrote some simple tests to exercise this and it worked
correctly. I was just not seeing how.
Jay
On 10/3/2022 11:26 PM, Tomas Mraz wrote:
Your analysis is correct. However the library is still correct in
regards to refcounting even for an SSL BIO in the chain. The reason is
that
Your analysis is correct. However the library is still correct in
regards to refcounting even for an SSL BIO in the chain. The reason is
that the decrement of refcount of the BIOs underlying the SSL BIO is
handled through the actual freeing of the SSL BIO. If the refcount for
the SSL BIO in the
Your response makes sense. I am a bit puzzled by the BIO reference
counting. For example
BIO_new() (or BIO_new_socket() which calls BIO_new()) produces a
BIO with a reference count of 1.
BIO_free() drops 1 reference and if the reference count is 0, frees
the BIO.
BIO_push()
The SSL BIO should have the rbio from the SSL object as the next BIO.
If you create the SSL BIO and then BIO_push() the TCP socket BIO into
the SSL BIO, it will work correctly.
Otherwise, you can just fix the next BIO of the SSL BIO by using
BIO_up_ref(socketbio);
BIO_set_next(sslbio,
I have an application that constructs a chain of BIOs. Sometimes this
chain also includes an SSL BIO. Years ago, I ran into a problem that
caused BIO_flush() to segfault on the SSL BIO. This turned out to
happen because the SSL BIO is added using SSL_set_bio() instead of
BIO_push().