On Mon, May 18, 2009 at 10:24:55AM -0700, Kyle Hamilton wrote:
> 'reverse SSL'?
>
> You get the OpenSSL source code from http://www.openssl.org/source/ .
> You can 'exchange' the role of client and server by having the client
> connect a TCP session to the listener and then passing that descriptor
> to a properly-setup SSL context with SSL_server_method, and the
> listener pass its descriptor to an SSL context with SSL_client_method.
In other words, the TCP initiator and passive listener are not necessarily
also the SSL client and server respectively. An application protocol is
free to nominate the TCP acceptor as the SSL initiator (client) and the
TCP initiator as the SSL server.
This is not "reverse" SSL, it is just ordinary SSL, with an SSL client
and an SSL server, where the SSL server initiates the *TCP* connection
to the SSL client.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
