Hello,
I have a small client app that is sending & receiving SSL traffic. Now I
want to renegotiate keys whenever the user of my app requests it.
I've searched a bit on Google and I've noticed that the common way to do it
is to call two functions:
SSL_renegotiate()
SSL_do_handshake()
but then I looked into the implementation of s_client and I don't see
SSL_do_handshake() being called at all (for renegotiation). Then I
went one step further and implemented my renegotiation so that only
SSL_renegotiate() is called (and then I call SSL_read or SSL_write with
proper handling of SSL_ERROR_WANT_READ/WRITE). In Wireshark I can
see Client/Server Hello & CipherChange messages properly exchanged. So
it "seems" to work.
My question is: what's the proper way to do SSL_renegotiate? Can I
assume that calls to SSL_read() or SSL_write() done after the call to
SSL_renegotiate() will do the same job as SSL_do_handshake would do?
Best Regards,
Kris
PS: I'm using OpenSSL 1.0.1e
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org