On Fri, Nov 17, 2000 at 06:06:16PM +0100, Carlos Vicente wrote:
> Anyway, using SDBM and disk caching seems a little bit too complicated
> for my app.
That depends on your app. My application needs to share the information
between independent processes. If you only have one process you may be
better off by just keeping the data in memory.
> How about building a small, simple cache in memory using
> SSL_get1_session()?
> Keeping it small (100 items maybe), sequential lookup for host names on
> a linked list shouldn't be that slow, right?
For 100 items nothing should be slow :-)
In fact, an SSL_SESSION (being saved and reused with d2i/i2d tends to have
a size around 1-2kB, so just keeping it in memory as you currently consider
should not be too costly.
> Another question:
> If client-side session-id caching can't be done automatically by
> openssl, then what is
> SSL_set_session_cache_mode(ctx,SSL_SESS_CACHE_CLIENT)
> really for?
I don't know. The session is stored but it is not reused automatically
(which would be rather difficult, as the SSL layer is only loosely coupled
to the connection layer and has no idea on the peer it is connecting to).
Maybe EAY had something in mind that was never realized!?
> Isn't this confusing?
Yes, it is. Documentation about the API is being added in the form of manual
pages. Some weeks ago, john traenky <[EMAIL PROTECTED]> offered to write
a users guide. This would be the place where this information would be needed,
ultimatively replacing ssleay.txt. Let's wait how John's effort works out.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
