On Sun, Jan 21, 2001 at 07:03:07PM -0500, Greg Stark wrote:
> sorry for the misinformation. I misunderstood a thread I had read in the
> archives. Just out of curiousity, what do the following functions do:
>
> SSL_CTX_set_session_cache_mode( );
> SSL_CTX_sess_set_cache_size ( );
> SSL_CTX_set_timeout ( );
I did not express myself correctly:
> > Automatic session reuse is not possible with OpenSSL.
The original poster did mention client use and this should have correctly
been for the client side:
> > Automatic session reuse _for_the_client_side_ is not possible with OpenSSL.
Please excuse, I have been lazy when typing...
On the server side, a session cache is automatically maintained (unless
explicitly switched off) with parameters influenced by the functions you
mention.
According to the TLS protocol, the client may name explitly one session
it wants to reuse. If the server has a session matching this id cached,
it can simply reuse it, so server side caching is easily done.
For the client side this is however not true as I explained in my email.
Even if you enable client side session caching, it only means that the
sessions are kept in memory, but they are not automatically selected for
re-use, the session must be selected by the application.
Please excuse any confusion caused by my unprecise statement,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
