libeap/eap_tls.c eaptls_process details

Alan DeKok aland at
Mon Jun 29 12:08:46 CEST 2009

Carolin Latze wrote:
> I think, BIO_write sends data out to the peer and SSL_read receives data
> from the peer here, but the comments suggest something else (like piping
> the data through decryption within the server). Which version is
> correct? ;-)

  BIO_write writes to the BIO.  SSL_read reads from somewhere, decrypts
the data, and returns the cleartext.

  The BIOs are in-memory buffers that abstract the interface to SSL.
The SSL_read function can be pointed directly at a socket (via a set of
helper functions), OR, it can be pointed at an in-memory buffer.

  The buffer allows FreeRADIUS to convert EAP-Message attributes into
something more recognizable for OpenSSL.

  Alan DeKok.

More information about the Freeradius-Devel mailing list