Hello, > For the moment, i have a kind of supervisor which, > accept a connection, read some datas on the socket and > then start the process which is able to handle this > datas. ( using createprocess/execv). The socket's > handle is shared to this process and therefor the > process is able to exchange datas with the client. > > > Now i want my application to use SSL_V3. But it looks > like there is a problem, as it seems there is no way > to share an SSL session between diferents process. > > I really hope that there is a way to do it. And i > would be very happy if someone can help me. You can not share ssl3/tls1 session by using SSL object in two different processes. For example one process establish ssl session then fork()'s and two processes use SSL object for reading and writing. SSL objects has information on current read/write MAC which must be properly updated. If one process read ssl data (updating his SSL object copy) then second process when read data will have read MAC verification error (because MAC verification use implied sequence number).
But (I may guess) reading in one process and writing in second may succeed because read/write MAC secrets and implied sequences are counted individually. Of course sharing TCP socket in two processes is different story. Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
