On Wed, Mar 02, 2005, Peter wrote:

> I am using BIO_set_fd to set the file descriptor of a BIO created by 
> BIO_new_connect to the socket of an existing SOCKS connection.  This 
> seems to work fine, "lsof -i" reports that indeed I am connected to the 
> proxy.  However, I want to be sure that my ip address is not embedded 
> in the SSL connection in any way!!!  Can anyone assure me of this?  
> What is BIO_set_fd supposed to do?  What is the behavior of openSSL 
> when BIO_set_fd is used with an existing connection.  Does 
> BIO_do_connect not open a TCP connection if one already exists?  Is the 
> ip address of the client never used in the SSLv2/3/TLS protocol?
> 

If you want to use BIOs then you can first create a socket BIO with
BIO_new_socket(). A socket BIO is preferable because on some platforms
sockets aren't fds.

There are several other ways to achieve the same thing but that's the easiest.

The IP address isn't embedded in the SSL connection. 

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to