On Thu, Nov 28, 2024 at 11:11:46PM -0800, Thomas K wrote:
> Any suggestions and advice on how to do this properly is very welcome (also
> something like "Configure your proxy to open the second TLS connection" or
> similar, if you think that's the most reasonable way).
You can use the biopair API to extract ciphertext from the inner SSL,
and write it into the outer SSL, and conversely read from the outer
SSL and inject ciphertext into the inner SSL.
Though Postfix no longer uses this approach to move data between SSL
and "vstream" sockets, you can still find it in the source of
older releases:
https://github.com/vdukhovni/postfix/blob/postfix-2.3/postfix/src/tls/tls_bio_ops.c
See the embedded nroff docs and network_biopair_interop().
--
Viktor.
--
You received this message because you are subscribed to the Google Groups "openssl-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openssl-users+unsubscribe@xxxxxxxxxxx.
To view this discussion visit https://groups.google.com/a/openssl.org/d/msgid/openssl-users/Z0qPqFNboOTIKaU2%40chardros.imrryr.org.
