#10 enables ssl resumption, includes a test script

open
nobody
None
5
2005-02-18
2005-02-18
Matt Rodriguez
No

I've enabled resumption on the client side.
To do this I created another object ssl_SessionObj, and
a factory method in SSL, the factory method takes a
connection object as argument. The session is retrieved
from the connections ssl object.

I added another method to the connection class that
sets the session.
It takes a Session object as argument. It calls
SSL_set_session using the connection objects ssl object
and the session object. It does error handling if the
set_session call fails.

The 2 openssl functions that were wrapped were:

SSL_get1_session: to retrieve the session
SSL_set_session: to set the session

The SSL_get1_session increments the reference count on
the SSL_SESSION object, it will not be free'd as long
as there are outstanding references.

I put the Session code in the connection.h and
connection.c. There are no methods in the Session class
right now, if methods are added
it makes sense to put the class in its own files.

I added a file sessionclient.py in the examples/simple
directory. It is a script that makes repeated serial
connections with the server, it takes flags for the
host, port, the number of connections to make and
whether to do resumption. I also added changed
server.py so that the server's to set the session id on
the server's context. This must be done if you want to
do session resumption.

Let me know if there are any problems with the patch.
I'd be happy to fix them. I'm easily reached at
MKRodriguez@lbl.gov.

Thanks,
Matt Rodriguez

Discussion

  • Matt Rodriguez
    Matt Rodriguez
    2005-02-18

    The patch file which adds resumption feature

     
    Attachments