Netscape and IE both cache sessions and the server you are writing
should as well. I believe most sane browsers would do the same.
Unless you are writing your own client, you really don't have to worry
about client-side caching.
Let's say your server caches sessions. If the browser doesn't re-use
a session, the entire handshake would be repeated for every connection.
OpenSSL library will take care of that for you.
I'd like to know if the browsers IE and Netscape do reuse the
sessions because otherwise it's pretty useless for me taking that SSL-cache
into use. Do you happen to know if they do or not?
About Your earlier mail: You said:
[
Are you sure you want to be calling SSL_new and SSL_free for every
connection?
After serving a connection you can do
SSL_clear(pSSL);
SSL_set_session(pSSL,NULL);
SSL_set_accept_state(pSSL) ;
]
Well, if I don't call SSL_new then what should I call in the beginning? Do I
ever have to call SSL_free? How are those SSLs removed from memory and not
only cleared? I'm now calling SSL_CTX_new and SSL_new for every connection
and same closes too.
Thanks for helping!
Yours VW
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
