Hi there,


I was wondering if anyone has any examples (either pasted or links) on using file 
descriptors (i.e. standard socket type operations) with OpenSSL.

I tried some basic code, but the things I'm doing don't seem to work (e.g. I 
don't know how to build up a new SSL object given an existing fd on an SSL conn):

    (establish BIO, bind to socket)

    if (BIO_do_accept(bio) <= 0) { err.. }

    out = BIO_pop(bio);

    if (!(ssl = SSL_new(ctx))) { err.. }

    SSL_set_bio(ssl, out, out);

    if (SSL_accept(ssl) <= 0) { ... }

At this point, SSL_write(ssl, "this works\n", 11); properly sends the text 
to the client...

But if I try to 'rebuild' a connection from the fd, e.g. something like this:

    int sockfd = SSL_get_fd(ssl);
    SSL *ssl2 = SSL_new(ctx);

    SSL_set_fd(ssl2, sockfd);
    SSL_write(ssl2, "this doesn't\n", 13);

it doesn't... (I tried doing things like SSL_set_bio(ssl2, out, out); and 
SSL_accept(ssl2))...

If anyone has any ideas they're most appreciated.

Also the reason for this code is that I'm trying to work out how to use fds 
with OpenSSL. Essentially I've inherited an app that uses sockets for both 
inter-process communication (local comms) and network comms. I've been tasked 
with putting TLS on the network connections. But lots of the code involves 
(extended) select()s or poll()s on the socket fds, so it would be great and far 
less of a rewrite if I could also interact with OpenSSL connections using the 
socket fds and then 'building up' the objects around them.

Thanks for your help! N
