Hi, > Hello, > > For the moment, i have a kind of supervisor which, > > accept a connection, read some datas on the socket and > > then start the process which is able to handle this > > datas. ( using createprocess/execv). The socket's > > handle is shared to this process and therefor the > > process is able to exchange datas with the client. > > > > > > Now i want my application to use SSL_V3. But it looks > > like there is a problem, as it seems there is no way > > to share an SSL session between diferents process. > > > > I really hope that there is a way to do it. And i > > would be very happy if someone can help me. > You can not share ssl3/tls1 session by using SSL > object in two different processes. > For example one process establish ssl session then > fork()'s and two processes use SSL object for reading > and writing. > SSL objects has information on current read/write > MAC which must be properly updated. > > But (I may guess) reading in one process and writing > in second may succeed because read/write MAC secrets > and implied sequences are counted individually. So are you suggesting that it is possible to share ssl3 session between two processes, provided one process reads and other writes? If yes, could you suggest a way to share the session. What if I am having a shared memory that the two processes use to communicate. Could this be used in some way to share the session? Would copying the SSL object to shared memory and then using this object in the two process work (provided the access to the object is protected by mutexes)? Is it possible to create a SSL object in the shared memory region itself, so that we need not 'copy' the object?
I will highly appreciate if you or anyone could guide me through these questions. Thank you, ~ Urjit DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Pvt. Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Pvt. Ltd. does not accept any liability for virus infected mails. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
