libeap/eap_tls.c eaptls_process details
aland at deployingradius.com
Mon Jun 29 12:08:46 CEST 2009
Carolin Latze wrote:
> I think, BIO_write sends data out to the peer and SSL_read receives data
> from the peer here, but the comments suggest something else (like piping
> the data through decryption within the server). Which version is
> correct? ;-)
BIO_write writes to the BIO. SSL_read reads from somewhere, decrypts
the data, and returns the cleartext.
The BIOs are in-memory buffers that abstract the interface to SSL.
The SSL_read function can be pointed directly at a socket (via a set of
helper functions), OR, it can be pointed at an in-memory buffer.
The buffer allows FreeRADIUS to convert EAP-Message attributes into
something more recognizable for OpenSSL.
More information about the Freeradius-Devel