Hey all. I kind of feel like I'm beating a dead horse here, and that
this question may have been answered already, but here goes.
I have a client app that needs to connect to any number of servers and
cache sessions. This app will be expected to create up to 100
connections per second, with possibly hundreds of servers being visited
each minute (this is peak performance, not necessarily a constant load).
Anyway, from the previous threads on the subject, I am sure I have to
tell the client which session to reuse. It can't be as simple as just
saying reuse the latest session ID, can it?
It seems that if I go to a server, say dogs.com, the session gets cached
when the connection is successful. Then if I go to cats.com, that
session is cached the same way. If I then go back to dogs.com, I need
to know 'this' session was for cats.com, 'that' one was for dogs.com,
etc. The problem is that I can't seem to find any server specific info
in the session structure - except for the cert, and this may have info
that doesn't exactly match my records. Do I have to search through the
entire cache for the right session, or can it be done by OpenSSL?
Should I build my own cache and just copy the session into my own
structure containing the connection info I need?
I do understand that the SSL client has no way to know anything about
where it is connecting to (of course the app should), and Lutz, I think
you clarified that a bit in a previous thread on the subject.
I studied some of the stunnel code, as one reader was kind enough to
point me to, and it was helpful, but it really has a limited use of the
cache. It actually only connects to a very few servers as a client -
one per instance, I think. This makes it fundamentally different in
that respect from the app I mentioned.
Any help, further clarification, pointer to a howto, sample code, etc.
is, as always, greatly appreciated.
Lou
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
