0
votes

The OpenSSL doc says:

If necessary, a write function will negotiate a TLS/SSL session, if not already explicitly performed by SSL_connect(3) or SSL_accept(3). If the peer requests a re-negotiation, it will be performed transparently during the write function operation. The behaviour of the write functions depends on the underlying BIO.

And I have called SSL_set_accept_state().

For the transparent negotiation to succeed, the ssl must have been initialized to client or server mode. This is being done by calling SSL_set_connect_state(3) or SSL_set_accept_state() before the first call to a write function.

So can I write less code?

1 Answer

0
votes

So can I write less code?

Yes. In some cases it might simplify the code if SSL_accept is not explicitly called. In other cases one might want to clearly separate the initial TLS handshake from the rest of the code for better control, like which errors are expected at which stage of communication and how these are handled.