Hi, I'm having trouble "duping" an SSL connection. I have an SSL *pointer that is going to be SSL_free'd, so I need to clone it or up the ref count or somehow make it stay alive. I see that in OpenSSL 1.1.0 it seems you added the SSL_up_ref - is there any equivalent functionality in 1.0.2? I also see that the documentation of SSL_dup has changed in 1.1.0 to a much more strict one (one that does not suit my needs).
What I'm basically in need of is some way of cloning the connection just like UNIX dup can duplicate a file descriptor so that a new server can use the dup'ed fd while the original server can go ahead and close the original fd without destroying the underlying connection. I need the equivalent in OpenSSL. I tried this: (0. Have some other HTTPS server accept & establish the SSL pointer) 1. get the SSL pointer, SSL_dup it 2. get the fd, UNIX dup it 3. SSL_set_fd on the duped SSL pointer to the duped fd 4. SSL_write & SSL_shutdown for demo This gives me SSL_ERROR_BAD_MAC_READ errors on the client. If I skip SSL_dup it works, and I can SSL_write a message that shows up in the client. But like I mentioned, the original server is going to SSL_free the SSL pointer I use, so I need to clone it somehow. I would be thankful for any clarifications on this. I've been skimming through the docs for 2 days now and it seems very ambiguous.
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev