So one of my first problems is to figure out where I'm supposed to insert my work, which will do a DANE lookup and pass/fail the connection. The DANE lookup requires the connection's protocol and port so that a DNS lookup like:
_443._tcp.www.example.com
can be made. It seems that a good candidate for inserting my work will be somewhere south of BIO_s_connect(3). This specifically should give me access to the port number, whilst for the time being I think that the protocol can be assumed to be TCP.
One thing I need to validate though is that the BIO_* framework is actually used being used, and preferably that I can reasonably easily find a client implemented with that framework that I can trick into using a DANE-capable OpenSSL. So far my reference is this article.
More tk.
Edit: Just found this article that outlines how to write a client that uses BIO.
No comments:
Post a Comment