Howard Chu wrote:
> David Schwartz wrote:
> > I've managed to do this without problems for SMTP, POP, HTTP, and a few
> > custom text-based protocols. Note that the protocol must be such that the
> > client sends data first. If the server must send data first, then there is
> > no way for the server to know what to send.
>
> Given that SMTP and POP clients wait for a 220 greeting from the server first,
> this seems to disqualify them from this approach.

The SMTP and POP support is on the client side. They can detect if a server is using SSL or not by looking at whether they get a 220 greeting or an SSL negotiation. Sorry for being confusing.

In pseudo-code, my "data received" handler looks like this:

1) Is connection in auto-detect SSL state? If no, process as normal.

2) Is the first byte of data received printable? If so, switch to plaintext mode and continue processing as normal.

3) If the first byte is non-printable, push an SSL filter onto the chain and push the data we received to the input hook of the SSL filter.

You can see this code in action on one of our chat servers. The server is 'vampire.webmaster.com', port 6667. You can connect either directly with 'telnet' or securely with 'openssl s_client'. A simple way to get talking to it is to send a 'GUEST' command and respond to its 'PING <token>' with 'PONG <token>'. That should be enough to see how auto-detection works.

DS
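The three-step handler described in the message above, as an added C example (not code from the original post or from OpenSSL). It goes beyond the post's printable/non-printable test by also requiring a well-formed TLS record header and by buffering partial reads; all names (`conn`, `classify`, `on_data`, `delivered`) are assumptions, and `delivered` stands in for the call into the SSL filter's input hook or the text parser.

```c
#include <ctype.h>
#include <string.h>

enum conn_mode { MODE_AUTODETECT, MODE_PLAINTEXT, MODE_TLS, MODE_REJECT };
struct conn {
    enum conn_mode mode;         /* zero-initialised means MODE_AUTODETECT */
    unsigned char  pending[64];  /* bytes seen while still undecided */
    size_t         pending_len;
    size_t         delivered;    /* bytes handed on to the chosen handler */
};

/* Classify the first bytes; MODE_AUTODETECT means "need more data". */
enum conn_mode classify(const unsigned char *b, size_t n)
{
    if (n == 0) return MODE_AUTODETECT;
    if (isprint(b[0])) return MODE_PLAINTEXT;   /* step 2 in the post */
    if (b[0] != 0x16) return MODE_REJECT;       /* not a TLS handshake record */
    if (n < 5) return MODE_AUTODETECT;          /* record header is 5 bytes */
    size_t rec_len = ((size_t)b[3] << 8) | b[4];
    if (b[1] != 0x03 || rec_len == 0 || rec_len > 16384)
        return MODE_REJECT;                     /* bad version or length */
    return MODE_TLS;                            /* step 3 in the post */
}

/* "Data received" handler. Sniffed bytes are kept and replayed, so the TLS
   filter (or the text parser) sees the stream from its very first byte. */
enum conn_mode on_data(struct conn *c, const unsigned char *buf, size_t len)
{
    if (c->mode != MODE_AUTODETECT) {           /* step 1: already decided */
        c->delivered += len;
        return c->mode;
    }
    size_t room = sizeof c->pending - c->pending_len;
    size_t take = len < room ? len : room;
    memcpy(c->pending + c->pending_len, buf, take);
    c->pending_len += take;
    c->mode = classify(c->pending, c->pending_len);
    if (c->mode == MODE_PLAINTEXT || c->mode == MODE_TLS)
        c->delivered += c->pending_len + (len - take);
    return c->mode;
}

int main(void)
{
    const unsigned char hello[] = {0x16, 0x03, 0x01, 0x00, 0x2f}; /* constructed */
    struct conn c = {0};
    return on_data(&c, hello, sizeof hello) == MODE_TLS ? 0 : 1;
}
```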
