James Darwin <[EMAIL PROTECTED]>:
> I'm having trouble makeing the server side cache hang on to SSL sessions
> when all connections from the client are lost. If the client maintains one
> open connection, and re-uses its ssl session, the cache on the server knows
> to use the same session - i.e. the SSL_get_session() gives me the same
> number. But if the client drops its last connection, and creates a new
> connection to the server, still using the same ssl session as before, the
> server sees this as a new ssl session. BTW, SSL_free() is called when a
> connection is dropped in order to clean up memory.
Do you create all server SSLs from the same SSL_CTX? If so, sessions
should survive automatically; but you should set a session ID context
for the SSL_CTX (it is used only if you do client verification,
i.e. when SSL_VERIFY_PEER is set). If this does not work, then
use a debugger to see what is happening (ssl/ssl_sess.c is the
most important OpenSSL source code file for this): Is
ssl_clear_bad_session ever called when your program is run? What
happens inside ssl_get_prev_session (i.e. what "if" conditions there
are true)?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
