SSLSocket - where does the encryption happen?


#1

Howdy all, and Happy New Year.

I’m looking at OpenSSL::SSL::SSLSocket (openssl/ssl.rb), and
also the code in drb/ssl.rb and webrick/ssl.rb … trying to
understand where the actual encryption/decryption takes place.

All three of these are pretty similar - they set up an
SSLContext, and they also wrap a plain ol’ TCPSocket. But I’m
having trouble locating any code that would be performing the
encryption/decryption on the actual I/O.

Is it right in front of my eyes and I’m not seeing it? If
anyone could help shed some light on this I’d be grateful.

Thanks,

Regards,

Bill


#2

On 1/2/06, Bill K. removed_email_address@domain.invalid wrote:

Is it right in front of my eyes and I’m not seeing it? If
anyone could help shed some light on this I’d be grateful.

If I’m not terribly mistaken, all the actual work takes place in the C
extension.
http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/ext/openssl/ossl_ssl.c
<- there’s the SSLSocket functions at least


#3

Hi Ilmari,

From: “Ilmari H.” removed_email_address@domain.invalid

On 1/2/06, Bill K. removed_email_address@domain.invalid wrote:

I’m looking at OpenSSL::SSL::SSLSocket (openssl/ssl.rb), and
also the code in drb/ssl.rb and webrick/ssl.rb … trying to
understand where the actual encryption/decryption takes place.

If I’m not terribly mistaken, all the actual work takes place in the C
extension.
http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/ext/openssl/ossl_ssl.c
<- there’s the SSLSocket functions at least

Thanks much! I should have realized… After all, the ruby-side
SSLSocket
class has no initialize()

class SSLSocket
  include Buffering
  include SocketForwarder
end

Thanks,

Bill