On Wed, Mar 02, 2005, Peter wrote:
I am using BIO_set_fd to set the file descriptor of a BIO created by
BIO_new_connect to the socket of an existing SOCKS connection. This
seems to work fine, lsof -i reports that indeed I am connected to the
proxy. However, I want to be sure that my ip address is not embedded
in the SSL connection in any way!!! Can anyone assure me of this?
What is BIO_set_fd supposed to do? What is the behavior of openSSL
when BIO_set_fd is used with an existing connection. Does
BIO_do_connect not open a TCP connection if one already exists? Is the
ip address of the client never used in the SSLv2/3/TLS protocol?
If you want to use BIOs then you can first create a socket BIO with
BIO_new_socket(). A socket BIO is preferable because on some platforms
sockets aren't fds.
There are several other ways to achieve the same thing but that's the easiest.
The IP address isn't embedded in the SSL connection.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
