Hello everyone,
I have a client that attempts to open a secured session with the server. After
calling SSL_connect(), on failure, the client would free the SSL object, and
read the response on normal tcp socket.
On the other hand, the server calls SSL_accept(), and on failure, would free
the
- Original Message -
From: David Schwartz [EMAIL PROTECTED]
To: openssl-users@openssl.org
Sent: Friday, December 14, 2007 7:48 PM
Subject: RE: Problem in handling SSL_connect failures
I have a client that attempts to open a secured session with the server.
After calling SSL_connect
I have a client that attempts to open a secured session with the server.
After calling SSL_connect(), on failure, the client would free the SSL
object,
and read the response on normal tcp socket.
On the other hand, the server calls SSL_accept(), and on failure, would
free
the SSL object,
To begin with, when the client calls SSL_connect(), it is guaranteed that
the server is waiting / looping in SSL_accept(). So I believe there is no
chance that SSL_connect() will read any plaintext data.
Do you have any rational basis for this belief? Consider:
1) The client calls