As I mentioned in [1], checking (struct Port)->ssl for NULL to determine whether TLS is used for the connection is a bit of a leaky abstraction, as that's an OpenSSL-specific struct member. This sets the requirement that all TLS implementations use a pointer named SSL, and that the pointer is set to NULL in case of a failed connection, which may or may not fit.

Is there a reason to not use the (struct Port)->ssl_in_use flag, which tracks just what we're looking for here? This also maps against other parts of the abstraction in be-secure.c which do just that. The attached implements this.

cheers ./daniel

[1] fab21fc8-0f62-434f-aa78-6bd9336d6...@yesql.se

ssl_reporting.patch
Description: Binary data