On Mon, May 18, 2009 at 10:24:55AM -0700, Kyle Hamilton wrote:

> 'reverse SSL'?
>
> You get the OpenSSL source code from http://www.openssl.org/source/ .
> You can 'exchange' the role of client and server by having the client
> connect a TCP session to the listener and then passing that descriptor
> to a properly-setup SSL context with SSL_server_method, and the
> listener pass its descriptor to an SSL context with SSL_client_method.

In other words, the TCP initiator and passive listener are not necessarily also the SSL client and server respectively. An application protocol is free to nominate the TCP acceptor as the SSL initiator (client) and the TCP initiator as the SSL server.

This is not "reverse" SSL, it is just ordinary SSL, with an SSL client and an SSL server, where the SSL server initiates the *TCP* connection to the SSL client.

--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
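
The role assignment discussed in this thread, as an added example (not code from either poster or from the OpenSSL project), written with Python's `ssl` module, which wraps OpenSSL. It assumes the `openssl` command-line tool is on PATH to create a throwaway, constructed self-signed certificate; the function names and the loopback address are illustrative. Certificate verification follows the SSL role, so here it is the TCP listener that validates the peer that dialed in.

```python
import os, socket, ssl, subprocess, tempfile, threading

def make_cert(d):
    """Constructed throwaway self-signed cert for 'localhost' (uses the openssl CLI)."""
    crt, key = os.path.join(d, "crt.pem"), os.path.join(d, "key.pem")
    subprocess.run(["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes",
                    "-keyout", key, "-out", crt, "-days", "1",
                    "-subj", "/CN=localhost",
                    "-addext", "subjectAltName=DNS:localhost"],
                   check=True, capture_output=True)
    return crt, key

def tcp_initiator_as_ssl_server(port, crt, key):
    # Active TCP open, then take the SSL *server* role on that descriptor.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.load_cert_chain(crt, key)
    with socket.create_connection(("127.0.0.1", port)) as tcp:
        with ctx.wrap_socket(tcp, server_side=True) as tls:
            tls.sendall(b"hello from the SSL server")

def run_demo():
    with tempfile.TemporaryDirectory() as d:
        crt, key = make_cert(d)
        lsock = socket.create_server(("127.0.0.1", 0))  # passive TCP listener
        port = lsock.getsockname()[1]
        t = threading.Thread(target=tcp_initiator_as_ssl_server,
                             args=(port, crt, key))
        t.start()
        # Passive TCP accept, then take the SSL *client* role: this side
        # sends the ClientHello and verifies the certificate of the peer
        # that initiated the TCP connection.
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        ctx.load_verify_locations(crt)
        tcp, _ = lsock.accept()
        with ctx.wrap_socket(tcp, server_side=False,
                             server_hostname="localhost") as tls:
            data = tls.recv(1024)
            subject = dict(rdn[0] for rdn in tls.getpeercert()["subject"])
        t.join()
        lsock.close()
        return data, subject["commonName"]

if __name__ == "__main__":
    print(run_demo())
```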