Hi Michael, Without doing ssl_accept on the ssl will getpeername work? Also using the existing ssl with ssl_accept for the first connection we don’t get the information of second peer. Thus we ended up creating new bio/ssl each time we get a request. Any suggestions? Thanks, Grace On 12-Jan-2018, at 6:45 PM, Michael Wojcik <Michael.Wojcik@xxxxxxxxxxxxxx> wrote: >> From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On Behalf Of Grace Priscilla Jero >> Sent: Friday, January 12, 2018 07:04 > > >> Whenever a connect is initiated from any client we need to know if it is already connected client or a new client. >> We are doing this by >> • creating bio/ssl each time a polling happens on the server fd >> • fetching the peer using BIO_dgram_get_peer after ssl_accept >> • Comparing it to the internally maintained list of peer > > Don't create the BIO immediately. Use getpeername on the socket descriptor and check that against the list. Only create a new SSL object and BIO if it's not an already-established client. > > -- > Michael Wojcik > Distinguished Engineer, Micro Focus > > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
