On Thu, Jul 26, 2001 at 07:35:05AM -0400, Jeffrey Altman wrote:
> In order to allow the RFC 2712 Kerberos support in 0.9.7-dev to work
> with cached sessions I need to save the contents of the KSSL_CTX
> structure with the SSL SESSION PARAMETERS.
>
> Should this be added to the ssl_session_st structure?
Yes. For software everything that it needed for caching is inside the
SSL_SESSION structure (=ssl_session_st). Therefore if the contents of
KSSL_CTX (or part of it) is needed, it should be added into this one
thing.
As you can see from the manual pages (e.g. SSL_CTX_sess_set_get_cb),
there exists an interface to the external session cache. I would like
to keep this transparent. Everything that is needed to reuse a session
should be part of SSL_SESSION, so that the external session cache routines
don't have to bother about it.
This also means that d2i/i2d_SSL_SESSION() have to be extended to save
the additional information.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
