|
|
Hi!
Michael Parkin wrote:
But from your code, you've noticed how to make QT sockets block... so
this isn't the issue.
Aren't they still non-blocking? Altough used in a blocking way?
First, SSL_connect: Do you understand the SSL handshake? (i.e.
Client_hello, server_hello, etc). This is crucial to understanding what
SSL_connect does and why it may fail. Google to find out, or read the
Eric Rescorla 'SSL and TLS' book (which I can't recommend enough).
Yeah, I hopefully know enough. :)
Secondly, have you checked the return code from SSL_connect to find the
actual SSL error? It doesn't look like it ;-) See http://
www.openssl.org/docs/ssl/SSL_get_error.html.
What you'll probably find is that the error is SSL_ERROR_WANT_READ -
the SSL session wants the data in it (the client_hello) read and sent
to the server. Then, use the sockets waitForReadyRead() to block until
the server sends its handshake message back. Pass this response to the
SSL session, then repeat the write/reads until the handshake is complete.
Yes, thats true, the is no error checking here, but I did want to have
as small example as possible, and yes, the error is SSL_ERROR_WANT_READ.
Finally, I'm interested to know why you've used SSL_set_fd instead of
the BIO interfaces ? (which, for me, made life easier)
According to the manual a socket BIO should be automatically created but
maybe I should get the BIO and work with that instead?
regards,
Robin
|
|