Hi,
Perhaps I misunderstand you, but wouldn't it be easier to just choose
eNULL cipher when no encryption is needed ?
Le 09/11/2012 06:08, Derek Cole a écrit :
Hello,
I have a server running that I am accepting both SSL and non SSL traffic.
Currently I check the traffic first and if the
Well that would still require an SSL handshake right? My client that sends
the unencrypted traffic knows nothing of SSL at all, and I can't modify it,
so it is just coming in a normal TCP stream.
On Fri, Nov 9, 2012 at 6:44 AM, Michel msa...@paybox.com wrote:
Hi,
Perhaps I misunderstand you,
I'd say you're doing it the right way now; traditionally services that
want to support SSL/TLS and not on the same port use the STARTTLS
methodology, starting with a plain connection. Since you can't modify
your client, you're stuck buffering a bit of data at the beginning to
sniff it it looks
Ok, I understand your point now.
But it sounds strange to me accepting on the same port incoming SSL
protected data and native TCP unprotected socket...
I am curious what other can tell about that.
Le 09/11/2012 14:19, Derek Cole a écrit :
Well that would still require an SSL handshake right?
Hello,
I have a server running that I am accepting both SSL and non SSL traffic.
Currently I check the traffic first and if the first part of the TCP data
looks like an SSL header, I send it off to an OpenSSL socket to be read. If
it's plaintext, I just read it right there on that socket.
Is it