> Please assume that my function "SSL_Server_Socket" &
> "client_socket_descriptor" (called below) has
> SSL_library_init, SSL_CTX_new, SSL_new, SSL_set_fd. I
> am able to convert a socket to a SSL_socket.... no
> problem with that.
>
> Problem is... in my program I want to know if I have
> to convert both server_socket and client_socket, to
> SSL_server_socket & SSL_client_socket ??
>
> Also, where to call SSL_accept()...? Should I pass
> Server_SSL to it or Client_SSL as parameter.

Sorry, I was wrong a bit... I was reading my code wrong.

First imagine we have a new socket for incoming connections. SOCKET sock.
This is listened to.

When we get an incoming connection, the listen() call finishes and then we
accept the connection. This is a new socket, SOCKET acceptit.

The SSL functions work on the *accepted* socket, "acceptit", *not* SOCKET
sock.

So... what I'm getting to is this:

The SSL socket you make with SSL_set_fd uses acceptit as its incoming and
outgoing socket (2nd parameter), and the 1st parameter to SSL_set_fd is the
new SSL-ised socket (which we will call ssl_server_socket).

Now, you can read and write to this socket, you do not have to SSL_set_fd
again. You only have to do it once!

You need to remove this chunk of code:

Create SSL_Server_Socket(ssl,server_sock_descriptor); // made server_socket
// as an SSL_server_socket by calling OpenSSL APIs

Your code should look like:

Create a socket "sock";

server_sock_descriptor = sock_listen(); // In "sock_listen()", 'bind' and 'select' is done

while (true)
{
  if (sock_select())
  {
    client_socket_descriptor = sock_accept();

    // do the usual SSL_new, SSL_set_fd, and SSL_accept which is probably code
    // below
    // please note, the only change in this code is change from
    // server_sock_descriptor below to client_sock_descriptor. not sure what to
    // do with server sock, but we don't need it for SSL.

    // call - create
    SSL_Client_Socket(SSL_client,client_sock_descriptor);

    new_web_page(client_socket_descriptor);

    new_thread(new_web_page); // create a thread (which does read & write of
                              // HTTP/HTML) and goes back to listen.
  }
}
....

I hope that's clear. You can read and write to the SSL socket as if you
were just using 1 socket, not 2. And that socket is client_sock_descriptor
and you read and write to SSL_client which is a socket.

Not sure what to do with the old socket (the one that is listened to), my
guess is just close it afterwards, but that's a sockets question and not
SSL.

Phew! Hope that helps.

Jeremy.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
