Getting the client connect right appears surprisingly messy when one
needs to cope with all kinds of network error situations including
domain name resolution issues and temporarily unreachable servers.
Both indefinitely blocking and non-blocking behavior (i.e., connection
attempts with and without a timeout) should be supported.
It is a complicated issue and hard to get right for all definitions of right
for all applications ☺
A set of API’s that set up all the TLS “metadata”, and took a connected socket
might be a way through the maze. For example:
SSL *SSL_connection(int socket, const char *servername, …whatever…)
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
