Quick question about session handling from the client side.
Here's my scenario:
I have a client connecting to a server. The session info is being
saved with a structure associated with the server. Hypothetically
speaking, it is possible for more than one thread to be connecting at
the same time, so they may be negotiating multiple sessions with the
same server simultaneously.
Does it matter which session is saved? I'd assume that if there were
any issues at the server side, it would save the last one established.
According to the session stats, it looks like they are all being saved
somewhere. I assume this has something to do with my using
SSL_get1_session() when putting it in my structure. Should I be using
the SSL_get_session() version for client side session handling?
Here's what I'm seeing in the session stats after a number of
connections (some made concurrently) to a single server:
SSL session cache stats:
13 items in the session cache.
14 client connects (SSL_connect()).
14 client connects that finished.
0 client renegotiatations requested.
1 session cache hits.
0 session cache misses.
0 session cache timeouts
The client connections are correct, but I would expect the number of
items in the cache to be 1. I could even understand if the hits were
less than 10, but it should be more than one.
Any ideas what I'm missing?
Thanks all.
Lou
--
Louis LeBlanc [EMAIL PROTECTED]
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://acadia.ne.mediaone.net ԿԬ
The explanation requiring the fewest assumptions is the most likely to be
correct.
-- William of Occam
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
