Hello,
> The basic succession of calls are as follows. I think the program
> waits for an ssl_read or ssl_write to implicitly trigger the handshake
> process.
>
> meth = TLSv1_client_method()
>
> SSL_load_error_strings();
> SSLeay_add_ssl_algorithms();
> SSL_CTX_new(meth);
>
>
> ssl = SSL_new( ctx );
> sbio = BIO_new_socket( sock, BIO_NOCLOSE );
> SSL_set_bio( ssl, sbio, sbio );
> SSL_set_connect_state( ssl );
> iSslInitStatus = SSL_in_init( ssl );
>
> After that, the only API calls are ssl_read(), ssl_write() and an
> occasional SSL_pending( ssl ).
My proposition is to add:
ERR_print_errors_fp(stderr);
when connecting to Cisco (to check real errors)
and to add:
fprintf(stderr, "%s/%s", SSL_get_version(ssl), SSL_get_cipher(ssl));
to check what ciphers are negotiated with IIS.
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
