Hi, Simon Josefsson: > How do you achieve that? I thought you had to close sockets and > re-open them in a new process. > If you have an open file descriptor, you can choose whether it is automagically closed when you execve() something. (fcntl, close-on-exec flag)
> I don't know how to achieve what you want in GnuTLS, but I don't know
> how to achieve what you already do either (exec another process and
> inherit the open socket) so I may likely be missing something.
> Perhaps others know more.
>
The basic idea is to save the internal gnutls data structure in such a
way that you only need to plug in the file descriptor and everything is
back where it was.
Personally I'd say that
> > - global:
> >
> > gnutls_certificate_free_credentials (gnutls_xcred);
> > gnutls_global_deinit();
> >
Why are you doing that? You're execvp-ing a new process, the data
structures will vanish anyway -- and you risk closing the sockets when you
do this.
> > if (gnutls_handshake (server->gnutls_sess) < 0)
> > printf ("handshake failed\n");
> >
Does that call work when you use it *before* doing your
save-execvp-restore dance?
--
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | [EMAIL PROTECTED]
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
- -
You can have whiskey as your friend. You can have a dog as your friend. But
if you have a woman as your friend, you're going to wind up drunk and kissing
your dog.
signature.asc
Description: Digital signature
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
