On 2007.04.05 at 10:16:45 +0530, Bhat, Jayalakshmi Manjunath wrote:

> Hi All,
> 
> Please can any one tell me relationship between SSL_CTX,SSL,SSL_SESSION.
> And also the difference netween SSL connection and session?
> 

It is described in the ssl(3) man page in very clear words.

1. SSL_CTX is an object which keeps common configuration, session cache
etc for all connections in the process.

2. SSL is an object which handles individual connection. (but can be
reused for another connection)

Difference between connection and session is that connection is a live
communication channel, and session is a set of negotiated cryptography
parameters.

You can close connection, but keep session, even store it to disk,
and subsequently resume it
using another connection, may be in completely different process, or
even after system reboot (of course, stored session should be kept both
on the client and on the server).

On other hand, you can renegotiate TLS parameters and create entirely
new session without interrupting connection. 

SSL_SESSION object is used for storing sessions to resume them later.
It helps to avoid some resource consuming crypthography operations.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to