29 Jun
2009
29 Jun
'09
6:08 a.m.
Carolin Latze wrote:
I think, BIO_write sends data out to the peer and SSL_read receives data from the peer here, but the comments suggest something else (like piping the data through decryption within the server). Which version is correct? ;-)
BIO_write writes to the BIO. SSL_read reads from somewhere, decrypts the data, and returns the cleartext. The BIOs are in-memory buffers that abstract the interface to SSL. The SSL_read function can be pointed directly at a socket (via a set of helper functions), OR, it can be pointed at an in-memory buffer. The buffer allows FreeRADIUS to convert EAP-Message attributes into something more recognizable for OpenSSL. Alan DeKok.