On Fri, Aug 31, 2001 at 05:19:04PM -0400, Aslam wrote:
> I have a doubt related with session cache. After setting callbacks for
> session caching and when the get_session_callback() is called in
> ssl_get_prev_session() in file ssl\ssl_sess.c, why do openssl save this
> obtained session into SSL_CTX in following code:
>
>       if (ret == NULL)
>               {
> ...
>                       SSL_CTX_add_session(s->ctx,ret);        // Why this
> ...
>               }
> 
> Cause if caching is external, what's the purpose of adding session to
> SSL_CTX ?????

I am not sure if it actually would be needed. But it is consistent with
the other functions. If a session is removed from the cache, it is first
looked up in the internal cache, and only when found the removal callback
is called. Therefore it is necessary to first add it to the internal cache.
I would however say, that it is a design decision. It would have been possible
to write OpenSSL, such that only the external cache is used, but it wasn't
done this way. It was written such that an internal cache is used and the
external cache is used to support it.
(The internal cache should give best speed anyway.)
 
Best regards,
        Lutz
PS. The d2i_SSL_SESSION() question is somewhere on my TODO list, but I am
currently swamped with other things. I know that I do use it myself with
Postfix/TLS and external session caching and it _does_ work, but that is
not good enough for an answer :-)
-- 
Lutz Jaenicke                             [EMAIL PROTECTED]
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
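
An added example, not part of the original message and not OpenSSL source: a small C model of the lookup and removal behaviour described in the reply above. It shows that when removal consults the internal cache first, a session fetched from the external cache but never copied into the internal one stays resumable after it has been invalidated. All names and the session ID are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of the behaviour described above; names are hypothetical. */
#define SLOTS 8
struct cache { char ids[SLOTS][33]; };            /* "" marks a free slot */
struct ctx { struct cache internal, external; int promote; };

static int cache_find(const struct cache *c, const char *id) {
    for (int i = 0; i < SLOTS; i++)
        if (c->ids[i][0] && strcmp(c->ids[i], id) == 0) return i;
    return -1;
}
static void cache_add(struct cache *c, const char *id) {
    for (int i = 0; i < SLOTS; i++)
        if (!c->ids[i][0]) { strncpy(c->ids[i], id, 32); return; }
}
static void cache_del(struct cache *c, const char *id) {
    int i = cache_find(c, id);
    if (i >= 0) c->ids[i][0] = '\0';
}

/* Resume path: internal cache first, then the external "get" callback.
 * With promote set, an external hit is also stored in the internal cache. */
static int get_prev_session(struct ctx *x, const char *id) {
    if (cache_find(&x->internal, id) >= 0) return 1;
    if (cache_find(&x->external, id) < 0) return 0;
    if (x->promote) cache_add(&x->internal, id);
    return 1;
}

/* Removal path: the external "remove" callback runs only when the
 * session was found in the internal cache. Returns 1 if removed. */
static int remove_session(struct ctx *x, const char *id) {
    if (cache_find(&x->internal, id) < 0) return 0;
    cache_del(&x->internal, id);
    cache_del(&x->external, id);   /* stands in for the remove callback */
    return 1;
}

/* Returns 1 if the session is still resumable after resume + invalidation. */
static int stale_after_invalidate(int promote) {
    const char *id = "constructed-session-id";   /* constructed sample value */
    struct ctx x; memset(&x, 0, sizeof x); x.promote = promote;
    cache_add(&x.external, id);
    get_prev_session(&x, id);      /* client resumes from the external cache */
    remove_session(&x, id);        /* server later invalidates the session */
    return get_prev_session(&x, id);
}

int main(void) {
    printf("promote=1 stale=%d, promote=0 stale=%d\n",
           stale_after_invalidate(1), stale_after_invalidate(0));
    return 0;
}
```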