On 13 May 1998, Einar Floystad Dorum wrote:
> I am trying to make a threaded SSL web proxy.  It listens on a
> port. Receives unencrypted connections. And then forwards them onto the
> internet.  
> 
> But I have met with a problem. This code fragment of my
> inner loop highlights it:
> 
> for(;;){
>       if (BIO_do_accept(sock) <= 0){
>               ERR_print_errors_fp(stderr);
>               break;
>       }
>       BIO_read(sock,&in,0);
> 
>       //Create a new thread that starts in the work function with
>       //sock as a parameter
> 
>       pthread_create(&thr,NULL,work,(void*)sock);
> 
> }
> 
> This ends in both BIO_do_accept and work using the same BIO, which is
> of course not what I want. But what do I need to do to make it
> work? (Is there something like the BSD accept function call in
> SSLeay?) Or is my design flawed?

The accept BIO is not too well documented, but is quite powerful.

The first BIO_do_accept(acpt_bio)
creates the socket.

When this call subsequently returns, it has 'pushed' a new socket BIO onto
itself which is used for reading/writing.

sock_bio=BIO_pop(acpt_bio)
Will remove this BIO.  acpt_bio can be used again with BIO_do_accept()
and sock_bio can be sent off into the new thread.

One other nice thing you can do is after the accept BIO is created,
BIO_set_accept_bios(acpt_bio,bio_stack);
can be used to specify the set of BIOs to duplicate and return after
a BIO_do_accept().

So you can create an SSL BIO, push it under a buffering BIO, and then
BIO_set_accept_bios() the BIO stack.

When a connection is received, BIO_pop() will return a buffer->ssl->socket
BIO chain.  This can then be used to read line buffered data.
This will work for all future BIO_do_accept() (I added a BIO_ctrl setting
so duplication of BIOs works correctly).

eric
