I'm not 100% sure what you're doing I'd imagine that if SSL was managing the fd's you wouldn't have this issue. You hvae to call accept() to get a new FD... and you'll only get that once, so when you accept() you should attach the bio and call ssl_accept(), no?
On Fri, Jan 12, 2018 at 5:52 PM, Priscilla Hero <grace.prisci...@gmail.com> wrote: > > > Hi Michael, > Without doing ssl_accept on the ssl will getpeername work? Also using the > existing ssl with ssl_accept for the first connection we don’t get the > information of second peer. Thus we ended up creating new bio/ssl each time > we get a request. > > Any suggestions? > > Thanks, > Grace > > On 12-Jan-2018, at 6:45 PM, Michael Wojcik <michael.woj...@microfocus.com> > wrote: > > >> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On > Behalf Of Grace Priscilla Jero > >> Sent: Friday, January 12, 2018 07:04 > > > > > >> Whenever a connect is initiated from any client we need to know if it > is already connected client or a new client. > >> We are doing this by > >> • creating bio/ssl each time a polling happens on the server fd > >> • fetching the peer using BIO_dgram_get_peer after ssl_accept > >> • Comparing it to the internally maintained list of peer > > > > Don't create the BIO immediately. Use getpeername on the socket > descriptor and check that against the list. Only create a new SSL object > and BIO if it's not an already-established client. > > > > -- > > Michael Wojcik > > Distinguished Engineer, Micro Focus > > > > > > -- > > openssl-users mailing list > > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
