> I need a new socket from SSL_accept the same way accept gives me a new
> socket, so I have a new socket for each user. How do I do this?
With the following very rough (untested, not even compiled) code:

    #include <errno.h>
    #include <unistd.h>
    #include <sys/socket.h>
    #include <openssl/ssl.h>

    int my_SSL_accept(int s, struct sockaddr *addr, socklen_t *addrlen,
                      SSL_CTX *ctx, SSL **ssl)
    {
        int fd, err;

        /* try to accept a connection */
        fd=accept(s, addr, addrlen);
        if(fd<0) return fd;

        /* create an SSL session for the connection */
        *ssl=SSL_new(ctx);
        if(*ssl==NULL)
        {
            /* could not allocate the SSL object */
            close(fd);
            errno=ENOMEM;
            return -1;
        }
        SSL_set_fd(*ssl, fd);

        /* start up the SSL protocol with the client */
        err=SSL_accept(*ssl); /* takes the SSL object, not the SSL ** */
        if(err!=1)
        {
            /* protocol failure or connection closed/errored */
            SSL_free(*ssl);
            *ssl=NULL;
            close(fd);
            errno=EIO;
            return -1;
        }

        /* all is well */
        return fd;
    }

On input:
s = The listening socket to accept a new connection from
addr = The address to receive the remote address
addrlen = The in/out length of the remote address
ctx = The SSL context for this connection
ssl = Holds the pointer to the new SSL object associated with the session.

On return:
If return value is less than zero, it's an error value. EIO means an SSL protocol error or network error during session negotiation.
If return value is greater than zero, it's the file descriptor (although it's not very useful to you). On successful return, '*ssl' will point to the new SSL session.

This really should try to figure out whether you want blocking or non-blocking behavior. I wouldn't recommend using a function like this, just code what you really want.

DS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
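The blocking question raised in the reply, as an added example that is not part of the original post: it uses Python's ssl module (a wrapper over OpenSSL) instead of the C API, and puts a deadline on the handshake so a client that connects and then stalls, or sends non-TLS bytes, cannot hold up the accept path. The names tls_handshake and accept_tls are made up for this example, and ctx is assumed to be a server-side ssl.SSLContext with a certificate already loaded via load_cert_chain.

```python
import select
import socket
import ssl
import time


def tls_handshake(conn, ctx, timeout):
    """Server-side TLS handshake on an accepted socket, bounded by a deadline.

    Returns a non-blocking ssl.SSLSocket on success. On a protocol error,
    a network error or a timeout, the socket is closed and None is returned.
    """
    conn.setblocking(False)
    # wrap_socket takes over the descriptor; the handshake is driven below.
    tls = ctx.wrap_socket(conn, server_side=True,
                          do_handshake_on_connect=False)
    deadline = time.monotonic() + timeout
    try:
        while True:
            try:
                tls.do_handshake()
                return tls
            except ssl.SSLWantReadError:    # OpenSSL: SSL_ERROR_WANT_READ
                want_r, want_w = [tls], []
            except ssl.SSLWantWriteError:   # OpenSSL: SSL_ERROR_WANT_WRITE
                want_r, want_w = [], [tls]
            remaining = deadline - time.monotonic()
            if remaining <= 0 or not any(
                    select.select(want_r, want_w, [], remaining)):
                raise TimeoutError("TLS handshake deadline exceeded")
    except (ssl.SSLError, OSError):
        # Same cleanup as the failure path in the C sketch: drop the
        # session and the descriptor together.
        tls.close()
        return None


def accept_tls(listener, ctx, timeout=5.0):
    """Counterpart of accept(): returns (SSLSocket or None, peer address).

    A server with many clients would hand the accepted socket to a worker
    or event loop before the handshake, so that one slow peer delays only
    its own connection.
    """
    conn, addr = listener.accept()
    return tls_handshake(conn, ctx, timeout), addr
```

The returned socket is still non-blocking; call setblocking(True) on it if the rest of the server expects blocking reads and writes.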