Piggybacking on the SSL handshake

Joel Reymont joelr1@REDACTED
Mon Dec 12 20:57:18 CET 2005


I'm dealing with a strange protocol implementation where the customer  
piggybacks on the SSL handshake and proceeds to selectively use SSL  
when needed.

The way they do this is by plugging "in" and "out" memory BIOs into  
OpenSSL and using them when needed. To kick things off they  
initialize OpenSSL with certificate, etc. and then wait for data to  
become available in the "out" BIO. They take the data, wrap it up and  
ship it over to the client that proceeds to unwrap the data, feed it  
to OpenSSL through the "in" BIO, wait for output, etc. Then they ask  
OpenSSL if the handshake was completed. Once the handshake is  
completed SSL is not used until needed.

My question is this... Can I implement this protocol using Erlang's  
SSL module?

It seems to use a proxy so if I can take the output from the proxy  
and wrap it up then I would be good. Of course I would also need to  
detect the end of the SSL handshake.

	Thanks, Joel
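
The in/out memory-BIO pump described in the message, shown in Python (whose `ssl.MemoryBIO` maps onto OpenSSL's memory BIOs) as an added example; it is not code from the original post or from the customer's implementation. The 4-byte length framing, the `HandshakeEndpoint` class and the host name `server.example` are assumptions; a server endpoint would use the same class with `server_side=True` and a context that has a certificate loaded.

```python
import ssl
import struct

def frame(payload):
    """Assumed carrier framing: 4-byte big-endian length, then raw TLS bytes."""
    return struct.pack(">I", len(payload)) + payload

def unframe(message):
    """Strip the carrier framing and reject length mismatches."""
    (length,) = struct.unpack(">I", message[:4])
    body = message[4:]
    if len(body) != length:
        raise ValueError("carrier message length mismatch")
    return body

class HandshakeEndpoint:
    """One side of a TLS handshake driven only through memory BIOs."""

    def __init__(self, context, server_side=False, server_hostname=None):
        self.inbio = ssl.MemoryBIO()    # bytes from the peer, fed to OpenSSL
        self.outbio = ssl.MemoryBIO()   # bytes OpenSSL wants sent to the peer
        self.tls = context.wrap_bio(self.inbio, self.outbio,
                                    server_side=server_side,
                                    server_hostname=server_hostname)
        self.done = False

    def step(self, received=b""):
        """Feed one carrier message; return the next one to ship (b"" if none)."""
        if received:
            self.inbio.write(unframe(received))
        if not self.done:
            try:
                self.tls.do_handshake()
                self.done = True        # handshake completed on this side
            except ssl.SSLWantReadError:
                pass                    # OpenSSL needs more bytes from the peer
        pending = self.outbio.read()    # drain whatever OpenSSL produced
        return frame(pending) if pending else b""

def client_first_flight():
    """Start a client handshake; return (carrier message, handshake done?)."""
    ctx = ssl.create_default_context()
    client = HandshakeEndpoint(ctx, server_hostname="server.example")  # assumed name
    message = client.step()
    return message, client.done
```

Each side calls `step()` with whatever the carrier delivered and ships the return value back until `done` is true on both ends. After that, data passed through `tls.write()` and `tls.read()` goes over the same BIO pump, and anything sent outside that path is not protected by the session.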


More information about the erlang-questions mailing list