Getting the client connect right appears surprisingly messy when one needs to cope with all kinds of network error situations including domain name resolution issues and temporarily unreachable servers. Both indefinitely blocking and non-blocking behavior (i.e., connection attempts with and without a timeout) should be supported.
It is a complicated issue and hard to get right for all definitions of right for all applications ☺ A set of API’s that set up all the TLS “metadata”, and took a connected socket might be a way through the maze. For example: SSL *SSL_connection(int socket, const char *servername, …whatever…) -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev