Hello,
> I would like to know if it is possible to have a port listening for
> both SSL and plain-text connections, and if yes... with what library
> functions can I achieve this?
> Example:
> 
> - Port 12345 listening;
> - Client connects to port;
> - Server checks if it is requested a SSL or plain-text;
> - Server determines if it is SSL connect then use the normal SSL
> read/write functions otherwise use the normal read/write functions;
In the standard OpenSSL API this is not possible.
But you can decide inside your program if you should establish
SSL or not.
For example, if a client connects, you may recv(,,,MSG_PEEK) 5 bytes
from the client socket and check if these bytes are a valid SSL2/SSL3/TLS1
record header (SSL2 and SSL3/TLS1 record headers are different).
If yes, then you can call SSL_accept() on the client socket;
if not, you can read()/write(), but of course a better solution is to
create wrappers which will hide SSL_read()/read() or recv()
and SSL_write()/write() or send() with some "virtual socket".

This functionality depends on the server type; for example, one server
may expect a request from the client (like an HTTP server) and a second may
write some banner to the client before the request (like smtp/pop3).
But if any of these servers want to establish SSL/TLS, they
will first send the client_hello SSL message to your server.

Because we are going to mix a high-level application protocol
and the SSL/TLS protocol, this recv() should be performed non-blocking
and time-limited.

Best regards,
-- 
Marek Marcola <[EMAIL PROTECTED]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
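
Added example (not part of the original message and not OpenSSL code): the time-limited MSG_PEEK check described in the reply, written in C. The names classify_header, peek_protocol and enum proto are hypothetical, and the specific header tests (handshake type 0x16 with version 3.x, SSL2 CLIENT-HELLO type 1) are assumptions about what counts as a "valid record header".

```c
#include <poll.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>

/* Hypothetical result type: NONE = timeout, error or peer closed. */
enum proto { PROTO_NONE, PROTO_PLAIN, PROTO_SSL2, PROTO_TLS };

/* Classify the first n bytes a client sent, without trusting them. */
enum proto classify_header(const unsigned char *b, size_t n)
{
    if (n < 5)
        return PROTO_PLAIN;      /* too short to be a record header */
    /* SSL3/TLS record: type 0x16 (handshake), version 3.x, length <= 2^14 */
    if (b[0] == 0x16 && b[1] == 0x03 && b[2] <= 0x04 &&
        (((size_t)b[3] << 8) | b[4]) <= 16384)
        return PROTO_TLS;
    /* SSL2 record: high bit of length set, msg type 1 (CLIENT-HELLO), version */
    if ((b[0] & 0x80) && b[2] == 0x01 &&
        (b[3] == 0x03 || (b[3] == 0x00 && b[4] == 0x02)))
        return PROTO_SSL2;
    return PROTO_PLAIN;
}

/* Wait up to timeout_ms for data, then peek so the bytes stay queued. */
enum proto peek_protocol(int fd, int timeout_ms)
{
    unsigned char hdr[5];
    struct pollfd p = { .fd = fd, .events = POLLIN };
    ssize_t n;

    if (poll(&p, 1, timeout_ms) <= 0)
        return PROTO_NONE;       /* client silent: may be waiting for a banner */
    n = recv(fd, hdr, sizeof hdr, MSG_PEEK | MSG_DONTWAIT);
    if (n <= 0)
        return PROTO_NONE;
    return classify_header(hdr, (size_t)n);
}

int main(void)
{
    /* Constructed sample: TLS handshake record header over a socketpair */
    const unsigned char hello[5] = { 0x16, 0x03, 0x01, 0x00, 0xc8 };
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return 1;
    send(sv[1], hello, sizeof hello, 0);
    printf("detected: %d\n", peek_protocol(sv[0], 1000));
    return 0;
}
```

On PROTO_TLS or PROTO_SSL2 the caller hands the untouched socket to SSL_accept(); on PROTO_NONE a banner-first server (smtp/pop3 style) continues in plain text. Whether to accept SSL2 at all is a separate policy decision.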