Merge ssl branch and accept ssl policy file requests and unencrypted requests at the same port. #2

Open
bharendt opened this issue Apr 10, 2013 · 0 comments

@bharendt

That's not so easy, because we have to read the first bytes from the socket and then decide whether it is an unencrypted policy file request or an ssh handshake. This is simple, but if those first bytes are the ssl handshake, these bytes have to be passed to the ssl application, because that app performs the handshake and expects the handshake data to be available in the read buffer of the socket, but we have read them already. I think there are three possible ways of doing it (if we detected that these bytes are from the ssl handshake):

  • put these bytes back into the socket buffer, so the ssl app can read them again from the buffer (but there is no [documented] API function for that)
  • do the ssl handshake all by ourselves (quite complex)
  • tell the ssl application to process the handshake data not from the socket but from us (could work if it used the socket in active mode, but it uses it in passive mode)
@ghost ghost assigned bharendt Apr 10, 2013
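
The first-bytes decision described in the comment above, as an added Python example that is not part of the issue or the project's code. It assumes the policy request is the NUL-terminated Flash socket policy string and uses the OS-level `MSG_PEEK` flag so the bytes stay in the socket buffer for whatever performs the handshake; whether the project's runtime offers an equivalent peek is not stated on the page.

```python
import socket
import time

# Assumption: Flash socket policy request, NUL-terminated.
POLICY_REQUEST = b"<policy-file-request/>\x00"
TLS_HANDSHAKE = 0x16  # TLS/SSLv3 record content type "handshake"

def classify(prefix: bytes) -> str:
    """Classify the bytes seen so far: 'policy', 'tls', 'need_more' or 'unknown'."""
    if prefix.startswith(POLICY_REQUEST):
        return "policy"
    if POLICY_REQUEST.startswith(prefix):
        return "need_more"  # empty or partial policy request
    if prefix[0] == TLS_HANDSHAKE:
        if len(prefix) < 3:
            return "need_more"  # record version not received yet
        # Record version 3.0 (SSLv3) through 3.4; SSLv2-format hellos are not handled.
        return "tls" if prefix[1] == 0x03 and prefix[2] <= 0x04 else "unknown"
    return "unknown"

def peek_classify(conn: socket.socket, timeout: float = 2.0) -> str:
    """Classify a connection without consuming any bytes from its buffer."""
    deadline = time.monotonic() + timeout
    conn.settimeout(timeout)
    while time.monotonic() < deadline:
        try:
            data = conn.recv(len(POLICY_REQUEST), socket.MSG_PEEK)
        except socket.timeout:
            break
        if not data:
            return "closed"  # peer closed before sending enough to decide
        kind = classify(data)
        if kind != "need_more":
            return kind
        time.sleep(0.01)  # peeked data stays readable, so avoid a busy loop
    return "timeout"

def demo():
    """Constructed inputs over a local socket pair: (kind, bytes still readable)."""
    samples = [POLICY_REQUEST, b"\x16\x03\x01\x00\x05hello", b"GET / HTTP/1.1\r\n"]
    results = []
    for sample in samples:
        client, server = socket.socketpair()
        client.sendall(sample)
        kind = peek_classify(server)
        results.append((kind, server.recv(64) == sample))
        client.close()
        server.close()
    return results

if __name__ == "__main__":
    print(demo())
```

Anything classified as `unknown`, `closed` or `timeout` should be dropped rather than handed to either handler.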