On Mon, 19 Apr 2010 11:58:51 +0200 (CEST) Ondrej Jombik <jom...@platon.org> wrote:
> I do need this for client side. Machine where connection is > originating has several IP addresses and the remote machine will > accept connection only from one of those. So I need to choose exactly > one source IP address when creating connection. > > Can your example be modified for this? > The code for the client side is very similar. So you set IP address and port number and then call bind() to associate source IP address with the socket, otherwise OS kernel will choose IP address for you. To connect to the server you call connect(). Once you have a connected socket, you creae SSL object, call SSL_set_fd() to associate connected socket with SSL object and then call SSL_connect() to initiate SSL handshake. I think this should work, just give it a try. > Also I noticed that in your example there is no BIO used at all. Now > I'm even more confused, since I thought that BIO is something like > must-have when dealing with SSL connections. > > If I ever properly create socket with desired properties, ie. correct > originating source address and correct destination address and port, > should I pass this socket to SSL with SSL_set_fd() or to BIO with > BIO_set_fd() ? I think there are different ways of associating file descriptors with SSL objects. Calling SSL_set_fd() and passing it connected socket should automatically associate that socket with SSL object and create the necessary BIO. Have a look at the man page for SSL_set_fd if in doubt. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
