How to perform a rehandshake (renegotiation) using the OpenSSL API?

How do I perform a rehandshake (renegotiation) using the OpenSSL API? I need both types: when the server initiates and when the client initiates a new handshake.

+4
1 answer

Even if you have probably figured it out already, I will leave this here as a useful guide for all OpenSSL newbies.

Renegotiation (server-initiated)

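    #include <stdio.h>
    #include <stdlib.h>
    #include <openssl/ssl.h>

    /* Fragment: runs inside a function where ssl is an established
       SSL * connection on the server side. */
    printf("Starting SSL renegotiation on SSL server (initiating by SSL server)\n");

    /* Flag the connection so the next handshake is a renegotiation. */
    if (SSL_renegotiate(ssl) <= 0) {
        printf("SSL_renegotiate() failed\n");
        exit(1);
    }

    /* Send the HelloRequest to the client. */
    if (SSL_do_handshake(ssl) <= 0) {
        printf("SSL_do_handshake() failed\n");
        exit(1);
    }

    /* Force the server back into the accept state so that the next
       SSL_do_handshake() waits for the client's new ClientHello.
       Direct access to ssl->state compiles only against OpenSSL
       releases older than 1.1.0, where the SSL structure is not opaque. */
    ssl->state = SSL_ST_ACCEPT;

    /* Run the new handshake to completion. */
    if (SSL_do_handshake(ssl) <= 0) {
        printf("SSL_do_handshake() failed\n");
        exit(1);
    }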

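Renegotiation (client-initiated)

    /* Fragment: same headers as above; ssl is an established
       SSL * connection on the client side. */
    printf("Starting SSL renegotiation on SSL client (initiating by SSL client)\n");

    /* Flag the connection so the next handshake is a renegotiation. */
    if (SSL_renegotiate(ssl) <= 0) {
        printf("SSL_renegotiate() failed\n");
        exit(1);
    }

    /* Send a new ClientHello and run the handshake. */
    if (SSL_do_handshake(ssl) <= 0) {
        printf("SSL_do_handshake() failed\n");
        exit(1);
    }

(taken from http://h71000.www7.hp.com/doc/83final/ba554_90007/ch04s03.html)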

In addition, the other side can process the request simply by calling SSL_read.

, , SSL_renegotiate_pending .

( ) , ( ).

+1
