On 06/02/15 21:46, Matt Caswell wrote: > > > On 06/02/15 15:48, Susan Hinrichs wrote: >> Hello, >> >> In Apache Traffic Server we are primarily using SSL_accept and >> SSL_read/SSL_write with file descriptor bios. >> >> But during the handshake, we need to feed in our own packets via >> read-only buffers. We use the BIO mem_buf to pass along this data >> without incurring another copy. But on each read during the handshake, >> we need to reset the read bio. We leave the write bio as the file >> descriptor bio the whole time. >> >> I originally tried to use SSL_set_bio(ssl, new_rbio, SSL_get_wbio(ssl)), >> but that would adjust the output buffering and the handshake would not >> complete. >> >> So we created a SSL_set_rbio(ssl, new_rbio), that just frees the old >> rbio and sets the new one. It leaves the wbio and the bbio alone. >> >> This has worked well for us for a couple releases, but looking forward >> to openssl 1.1, we will no longer be able to use this approach. Can >> someone point me to the preferred way of updating a read bio without >> affecting the write bio processing? > > > Hmmmm... that's a good question. I don't think you can set just the rbio > by itself. > > I wonder if maybe we extended SSL_set_bio, so that you could do this: > > SSL_set_bio(s, rbio, NULL); > > I'll look into it. > > This would be a good item to add to Rich's wiki page. > I've just pushed a new commit to master (1.1.0), that adds SSL_set_rbio, and SSL_set_wbio as new API functions along with some associated documentation. Matt
