Hey Lutz. Thanks for your confirmation to my last message. Sorry to
bother everyone again, but I'm still not seeing what I expect with
this one call to see how many renegotiations I am getting.
On Sun, Nov 11, 2001 at 11:22:07PM -0500, Louis LeBlanc wrote:
. . .
Here is what I'm calling:
. . .
SSL_CTX_sess_connect_renegotiate(ssl_ctx);
. . .
SSL_CTX_sess_connect_renegotiate()
returns the number of start renegotiations in client mode.
Total number of renegotiations as a client - wether active or not.
. . .
This is what I am doing to fetch the info:
void dump_sslcache_stats()
{
charerrbuf[1024];
long intitems, cca, ccs, crr, sch;
items = SSL_CTX_sess_number(ssl_ctx);
cca = SSL_CTX_sess_connect(ssl_ctx);
ccs = SSL_CTX_sess_connect_good(ssl_ctx);
crr = SSL_CTX_sess_connect_renegotiate(ssl_ctx);
sch = SSL_CTX_sess_hits(ssl_ctx);
sprintf(errbuf, SSL session cache stats: \n \
%25ld items in the session cache.\n \
%25ld client connects (SSL_connect()).\n \
%25ld client connects that finished.\n \
%25ld client renegotiatations requested.\n \
%25ld session cache hits.,
items, cca, ccs, crr, sch);
log_error(errbuf);
}
I've configured the process to call this routine on reciept of a
SIGUSR2 signal. Here is what it looks like in the log:
2004-19:20:10 20262: thread 0: waiting for QM
2004-19:20:10 20262: thread 1: dumping state
2004-19:20:10 20262: thread 2: waiting for ICP packet
2004-19:20:10 20262: 33 threads, 3 used, 3 active
2004-19:20:10 20262: SSL session cache stats:
1 items in the session cache.
44 client connects (SSL_connect()).
44 client connects that finished.
0 client renegotiatations requested.
43 session cache hits.
This one is as expected, but then I shut down the Apache server
accepting the requests, and remove the SSL session cache file and the
semaphore file to ensure that no sessions remain cached when I restart
Apache.
So when I restart the server, and request one more item (without
having shut my client process down) I get the following:
2004-19:22:53 20262: thread 0: waiting for QM
2004-19:22:53 20262: thread 1: dumping state
2004-19:22:53 20262: thread 2: waiting for ICP packet
2004-19:22:53 20262: 33 threads, 3 used, 3 active
2004-19:22:53 20262: SSL session cache stats:
2 items in the session cache.
45 client connects (SSL_connect()).
45 client connects that finished.
0 client renegotiatations requested.
43 session cache hits.
So the only thing that looks wrong is the client renegotiations
requested.
Any idea what I'm doing wrong?
BTW, we're still running with V0.95a, if that matters.
Thanks
Lou
--
Louis LeBlanc [EMAIL PROTECTED]
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://www.keyslapper.org ԿԬ
Reporter, n.:
A writer who guesses his way to the truth and dispels it with a
tempest of words.
-- Ambrose Bierce, The Devil's Dictionary
msg21764/pgp0.pgp
Description: PGP signature
