I'm looking at openssl example in c.
It looks like I can first create a regular bsd socket, and
add ssl capability on top of it./* Connect the TCP socket*/
sock=tcp_connect(host,port);
/* Connect the SSL socket */
ssl=SSL_new(ctx);
sbio=BIO_new_socket(sock,BIO_NOCLOSE);
SSL_set_bio(ssl,sbio,sbio);
if(SSL_connect(ssl)<=0)
berr_exit("SSL connect error");
where开发者_运维技巧 tcp_connect(host,port) returns a regular bsd socket.(to make this posting short, i'm not pasting the code here)
My question is,
1. wouldn't it be slow to transfer data under ssl. 2. if so, wonder if i can remove ssl from a socket to make it a regular tcp socket(as website have https for login page and http for other pages. I wonder if it's possible to use ssl for only for first few authentication packets I define)Thank you
Yes, if the ssl layer is upper a simple socket, and you close the SSL session the socket is still usefull and you can use it.
I.E. you can stablish a ssl session between two parts in a protocol for client authentication, close the SSL connection after the authentication and use the socket for the rest of the connection.
精彩评论