On Tue, Nov 07, 2000 at 08:55:24AM +0100, Ruud Rietveld wrote:
> > An SSL object can also be reused, you should however make sure to call
> > SSL_clear() on it before reuse.
> > I cannot give you numbers on the performance impact of SSL_new() or
> > SSL_CTX_new(), respectively. Both functions do however call functions
> > of the malloc() class quite often, so that memory fragmentation might
> > occur. For this reason alone, I would already recommend you to reuse SSL
> > and SSL_CTX objects.
>
> But, if you reuse the SSL object by calling SSL_clear(), what should you do
> to start reusing it? Just call SSL_set_fd() (or like) again?
> I've looked into the manual pages, but there's nothing about this...
SSL_clear() resets the SSL object to it original state and makes it
ready to be used again, e.g. call SSL_set_fd() to connect it to a
new connection (you can also use the same connection again).
This is different from SSL_free() which destroys the SSL object.
>From the SSL_clear() manual page:
...
SSL_clear - reset SSL object to allow another connection
...
Reset B<ssl> to allow another connection. All settings (method, ciphers,
BIOs) are kept. A completely negotiated B<SSL_SESSION> is not freed but left
untouched for the underlying B<SSL_CTX>.
...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
