Thank you for your answer,
in fact what I am trying to do is to use TLS over a bluetooth socket. I use the L2CAP layer which is reliable. So it should work (as the specification of SSL/TLS says, we can use any protocol). Nevertheless when I use SSL_set_fd, I get no error. My client is sending his first message (I suppose the handshake), a hcidump shows me that the packet arrives well on the server side, but the SSL_accept just does not seem to react. Without the SSL stuffs, the exchange of data works flawlessly. Then I had a look at the structure of the socket, and some fields are different from a usual TCP/IP socket: eg., no field "port", but "psm", which is almost the same. So I started to think that openssl was mostly designed to work over a TCP/IP socket. And I wanted to try to transfer the messages from my bluetooth socket to a "fake" TCP/IP socket, because when I set a TCP/IP connection over bluetooth my program works... But I do not want to use TCP/IP...
I had already tried to call BIO_new, and SSL_set_bio, but without more success... But I have to say that I have not deeply looked at that way.
I had a look on the BIO pair from which you talked about. What I do not really understand is once I have my BIO, I can connect it to the L2CAP socket, and then connect the BIO to the SSL structure, right? But if I use the BIO pair, and manually use read and write, what about the SSL packets? I mean I have to check all the time the SSL structure to see if something needs to be sent on the BIO, and the other way, if something is on the BIO I have to send it to the SSL structure?
In the case of writting a custom BIO, I do not really know where to start... I will have a look at the source code and try to find further explainations.
Thank you for your help,
Ronan
Dr. Stephen Henson wrote:
On Thu, Feb 26, 2004, Ronan Daniellou wrote:
Hello everyone,
did anybody already use SSL/TLS over a non TCP-UDP/IP socket successfuly?
You can't use SSL/TLS over UDP due to its unrealiable nature though a draft standard is being discussed in the ietf-tls mailing list to allow SSL/TLS use over UDP. OpenSSL doesn't support it though.
It is possible to use SSL/TLS over any reliable transport. To do this with OpenSSL you can either write a custom BIO (to perform the I/O) or use a BIO pair (in which case you perform the I/O manually in the application).
Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
