SSL handshake with a web server using Memory BIOs?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Suppose the TLS layer is initialized in the form:

  SSL_CTX *ctx = SSL_CTX_new(TLS_client_method());
  BIO *r = BIO_new(BIO_s_mem());
  BIO *w = BIO_new(BIO_s_mem());
  SSL *ssl = SSL_new(ctx);
  SSL_set_bio(ssl, r, w);
  SSL_set_connect_state(ssl);

I want to use BIO so that I can control IO to/from the TCP layer 
underneath using standard system-esque calls (connect(), 
read(), write() on a socket fd).

The transfer itself is carried out through SSL_write() then followed by 
BIO_read(), and BIO_write() followed by SSL_read() in/from the 
respective BIO *w, *r.

This is all fine and dandy but how should the manual handshake be 
implemented?

Something akin to:

{
  char buffer[1024];
  while (!SSL_is_init_finished(ssl))
  {
    SSL_do_handshake(ssl);
    int nbytes;
    if ((nbytes = BIO_read(w, buffer, sizeof buffer)) > 0)
      write(fd, buffer, nbytes);
    else if ((nbytes = read(fd, buffer, sizeof buffer)) > 0)
      BIO_write(r, buffer, nbytes);
  }
}

Such a handshake can be put in wherever the server/client needs to 
connect, eg called during initialization.

The handshake works fine when the client-server is on a localhost. 
However when connecting to a web server the handshake takes long to 
return and doesn't do the handshake either. So the question is, what 
further provisions need to be made to connect to a non-local web server? 
Or perhaps the above handshake should be integral to BIO_write() and 
BIO_read() calls. I'm not sure, I have not looked at the actual 
library sources as what SSL_() precisely does. Anyone care to send some 
info my way in this particular case..?



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux