At 09:56 PM 12/18/99 +0100, you wrote:
>James Darwin <[EMAIL PROTECTED]>:
>
>> I'm having trouble makeing the server side cache hang on to SSL sessions
>> when all connections from the client are lost. If the client maintains one
>> open connection, and re-uses its ssl session, the cache on the server knows
>> to use the same session - i.e. the SSL_get_session() gives me the same
>> number. But if the client drops its last connection, and creates a new
>> connection to the server, still using the same ssl session as before, the
>> server sees this as a new ssl session. BTW, SSL_free() is called when a
>> connection is dropped in order to clean up memory.
>
>Do you create all server SSLs from the same SSL_CTX? If so, sessions
>should survive automatically; but you should set a session ID context
>for the SSL_CTX (it is used only if you do client verification,
>i.e. when SSL_VERIFY_PEER is set). If this does not work, then
>use a debugger to see what is happening (ssl/ssl_sess.c is the
>most important OpenSSL source code file for this): Is
>ssl_clear_bad_session ever called when your program is run? What
>happens inside ssl_get_prev_session (i.e. what "if" conditions there
>are true)?
Hi. Thanks for your help! I used the debugger and found that sessions were
not being shutdown properly so that SSL_free was removing the sessions from
the cache.
C ya,
Jimmy
----------------------------------------------------------
James Darwin http://www.dascom.com
Senior Software Engineer DASCOM Australia Pty Ltd.
[EMAIL PROTECTED] Bond University Australia.
----------------------------------------------------------
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]