its always better to use BIO for easier migration in the future if for some reason some enhancement/changes are to be done in your product. Also while using SSL_set_fd, socket BIO is automatically created and attaches to the TCP fd. What you can do is to create explicitely a read bio and a write bio and attach the same tcp fd to both for better progamming (wrt to keeping future in mind). Its just a couple of lines and not much programming.
Thanks --Gayathri Hello all, As we all know, the SSL object can work either with direct tcp sockets (SSL_set_fd()) or can work on top of socket BIO objects. In my current project, I am using SSL directly on top of tcp sockets (no BIOs). I wonder whether I loose some functionality provided by BIO layer? What are the advantages of using BIOs instead of tcp sockets? (As I understand it, BIO can be though of as a wrapper on tcp). What points should one take into account, while deciding whether to use BIOs or direct tcp sockets? Is there any security concern in using tcp sockets, instead of BIOs? Thanks, ~ Urjit DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Pvt. Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Pvt. Ltd. does not accept any liability for virus infected mails. ******************************************************************************** This email message (including any attachments) is for the sole use of the intended recipient(s) and may contain confidential, proprietary and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please immediately notify the sender by reply email and destroy all copies of the original message. Thank you. Intoto Inc. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]