Mario Lombardo writes:
Hi Sam,thank you for your message. What about the existing sessions (gnutls_session_t)? Can I call gnutls_credentials_clear() once the handshake is finished and keep the connection for this session established? I believe it is not safe to gnutls_certificate_free_credentials() as long as there are sessions bound to this store, is it?
Presuming there are no multiple thread-related issues, I would expect it to be safe. If the library needs it, for some reason, I expect it to make its own copy. I find nothing in the public documentation that requires credential to exist as long as some session that used them, initially, is still around.
Or is there any other best practice? Can I set other credentials on an existing session (after handshake)?
You can also take the approach of creating a new context for all new sessions, and keep the old context, with the old credentials, until all existing session which use it go away. I don't believe this is necessary, but this is also one possible way to do it.
pgpSeZo5ftfIU.pgp
Description: PGP signature
_______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
