I see you got it working! Just some comments below
On 05/06/15 12:34, Lorenzo Miniero wrote:
> I've started looking into filters and I have some doubts, though, also
> taking into account what you suggested, and I apologize again if this
> turns out to be silly. As far as I've understood, what I should do is
> changing the current pattern I use for outgoing packets:
>
> application < memBIO < ssl
>
> to something like this:
>
> application < memBIO < filter < ssl
>
> or this:
>
> application < filter < memBIO < ssl
>
> that is, a new BIO filter that enforces the fragmentation I talked
> about. Not exactly sure about which one should be the way to go, but
> I've given this some thought.
I took a very brief look at your code and I see you went with the first
option. That's fine, although I would have done it slightly differently:
application <-- -- ssl
| |
| V
filter
^ V
memBIO
i.e. the filter does all the reading and writing to the memBIO. libssl
calls BIO_write(), the filter takes note of the packet sizes, and then
writes to the membBIO. When the application wants to read data it calls
BIO_read on the filter, and the filter figures out how big the packet
needs to be and reads that amount out of the memBIO. Your way works too
though.
Matt
