On Fri, Aug 31, 2001 at 05:19:04PM -0400, Aslam wrote: > I have a doubt related with session cache. After setting callbacks for > session caching and shen the get_session_callback() is called in > ssl_get_prev_session() in file ssl\ssl_sess.c, why do openssl save this > obtained session into SSL_CTX in following code: > if (ret == NULL) > { ... > SSL_CTX_add_session(s->ctx,ret); // Why this ... > } > > Cause if caching is external, what's the purpose of adding session to > SSL_CTX ????? I am not sure if it actually would be needed. But it is consistent with the other functions. If a session is removed from the cache, it is first looked up in the internal cache, and only when found the removal callback is called. Therefore it is necessary to first add it to the internal cache. I would however say, that it is a design decision. It would have been possible to write OpenSSL, such that only the external cache is used, but it wasn't done this way. It was written such that an internal cache is used and the external cache is used to support it. (The internal cache should give best speed anyway.) Best regards, Lutz PS. The d2i_SSL_SESSION() question is somewhere on my TODO list, but I am currently swamped with other things. I know that I do use it myself with Postfix/TLS and external session caching and it _does_ work, but that is not good enough for an answer :-) -- Lutz Jaenicke [EMAIL PROTECTED] BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/ Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129 Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]