On Fri, Nov 30, 2001 at 10:54:22AM +0100, Manfred Haertel wrote:
Hello!
Is there a way for a CGI script to find out how long the currently used
SSL session is still valid, in other words, how many seconds of
SSLSessionCacheTimeout still remain?
I asked this question already on the modssl mailing list, but I got no
answer, so I thought I'd ask the OpenSSL experts here.
The modssl interface gives me the session key and the SSL session ID in
environment variables, but not the remaining time. Is there any chance
to access the time from a CGI script?
As far as I could see from the mod_ssl sources, the corresponding data
are not exported to environment variables.
I don't think it would be to difficult to extend mod_ssl to also export
these data. The ssl_hook_Fixup_vars table would need to be extended in
ssl_engine_kernel.c by the required variables and the ssl_var_lookup_ssl()
function in ssl_engine_vars.c would need to be needed to handle these
variables. I think, that if you grep for SESSION_ID in pkg.sslmod/
you will easily get an idea.
Without source modification, you won't get the information.
Best regards,
Lutz
PS. With respect to the SSL_SESSION timeout settings:
man SSL_SESSION_get_time
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
