Hey Lutz. Thanks for your confirmation to my last message. Sorry to bother everyone again, but I'm still not seeing what I expect with this one call to see how many renegotiations I am getting.
> On Sun, Nov 11, 2001 at 11:22:07PM -0500, Louis LeBlanc wrote:
> > . . .
> > Here is what I'm calling:
> > . . .
> > SSL_CTX_sess_connect_renegotiate(ssl_ctx);
> >
> > . . .
> >
> > SSL_CTX_sess_connect_renegotiate()
> > returns the number of start renegotiations in client mode.
> > > Total number of renegotiations as a client - wether active or not.
> > . . .
This is what I am doing to fetch the info:
void dump_sslcache_stats()
{
char errbuf[1024];
long int items, cca, ccs, crr, sch;
items = SSL_CTX_sess_number(ssl_ctx);
cca = SSL_CTX_sess_connect(ssl_ctx);
ccs = SSL_CTX_sess_connect_good(ssl_ctx);
crr = SSL_CTX_sess_connect_renegotiate(ssl_ctx);
sch = SSL_CTX_sess_hits(ssl_ctx);
sprintf(errbuf, "SSL session cache stats: \n \
%25ld items in the session cache.\n \
%25ld client connects (SSL_connect()).\n \
%25ld client connects that finished.\n \
%25ld client renegotiatations requested.\n \
%25ld session cache hits.",
items, cca, ccs, crr, sch);
log_error(errbuf);
}
I've configured the process to call this routine on reciept of a
SIGUSR2 signal. Here is what it looks like in the log:
20011114-19:20:10 20262: thread 0: waiting for QM
20011114-19:20:10 20262: thread 1: dumping state
20011114-19:20:10 20262: thread 2: waiting for ICP packet
20011114-19:20:10 20262: 33 threads, 3 used, 3 active
20011114-19:20:10 20262: SSL session cache stats:
1 items in the session cache.
44 client connects (SSL_connect()).
44 client connects that finished.
0 client renegotiatations requested.
43 session cache hits.
This one is as expected, but then I shut down the Apache server
accepting the requests, and remove the SSL session cache file and the
semaphore file to ensure that no sessions remain cached when I restart
Apache.
So when I restart the server, and request one more item (without
having shut my client process down) I get the following:
20011114-19:22:53 20262: thread 0: waiting for QM
20011114-19:22:53 20262: thread 1: dumping state
20011114-19:22:53 20262: thread 2: waiting for ICP packet
20011114-19:22:53 20262: 33 threads, 3 used, 3 active
20011114-19:22:53 20262: SSL session cache stats:
2 items in the session cache.
45 client connects (SSL_connect()).
45 client connects that finished.
0 client renegotiatations requested.
43 session cache hits.
So the only thing that looks wrong is the client renegotiations
requested.
Any idea what I'm doing wrong?
BTW, we're still running with V0.95a, if that matters.
Thanks
Lou
--
Louis LeBlanc [EMAIL PROTECTED]
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://www.keyslapper.org ԿԬ
Reporter, n.:
A writer who guesses his way to the truth and dispels it with a
tempest of words.
-- Ambrose Bierce, "The Devil's Dictionary"
msg21764/pgp00000.pgp
Description: PGP signature
