Re: [Help-gnutls] Re: Restore gnutls session after execvp - possible?

Sun, 11 Dec 2005 14:33:43 -0800 

On Sun, Dec 11, 2005 at 10:46:15PM +0100, Simon Josefsson wrote:
> Matthias Urlichs <[EMAIL PROTECTED]> writes:
> 
> > Hi,
> >
> > Simon Josefsson:
> >> How do you achieve that?  I thought you had to close sockets and
> >> re-open them in a new process.
> >> 
> > If you have an open file descriptor, you can choose whether it is
> > automagically closed when you execve() something. (fcntl, close-on-exec
> > flag)
> 
> Oh.  I see.  Thanks for the pointer.
> 
> >> I don't know how to achieve what you want in GnuTLS, but I don't know
> >> how to achieve what you already do either (exec another process and
> >> inherit the open socket) so I may likely be missing something.
> >> Perhaps others know more.
> >> 
> > The basic idea is to save the internal gnutls data structure in such a
> > way that you only need to plug in the file descriptor and everything is
> > back where it was.
> 
> Right.  I don't think this is possible.
> 
> The resume data that is stored is not intended for this use.  It is
> intended where you create a new connection and want to re-use earlier
> TLS handshakes to optimize things.
> 
> It _may_ be possible to use the resume stuff for this purpose, most of
> the useful data items are present.  I think it require a new API.
> E.g., gnutls_resume_connect that accept the resume data.
> 
> Further, I'm not sure I understand _why_ this is done.  Perhaps if you
> describe why you want to execvpe and carry over the TLS-protected
> socket to the new process, we can suggest better solutions.
> 
> Still, if someone want to make this work, I'd welcome any patches.
> 

Hi Matthias and Simon,

I tried without:
  gnutls_certificate_free_credentials (gnutls_xcred);                           
                                             
  gnutls_global_deinit(); 
same result..

My goal is to be able to launch new version of IRC client, without
disconnecting from IRC server, so use same socket and gnutls
environment.
Today I forbid any upgrade when gnutls is used, since it seems not
possible to do such re-connection by resuming gnutls data.
If this is possible in the future, feel free to tell me.

Thank you.

-- 
Cordialement / Best regards
Sebastien.

Web: http://www.flashtux.org - email: [EMAIL PROTECTED]
IRC: [EMAIL PROTECTED] - Jabber: [EMAIL PROTECTED]

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Help-gnutls mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-gnutls

Reply via email to