On Mon, Dec 02, 2002 at 09:02:26PM -0800, Vinay Raikar wrote:
>
> I need to set the timeout for particular SSL session. Currently it is set to
>TCP_ALIVE TIME, ie 7200 secs, verified by call to SSL_get_timeout(SSL *s) &
>SSL_SESSION_get _timeout(SSL_SESSION *sess).
> I tried both SSL_set_timeout(SSL*s,long tm) as well as
>SSL_SESSION_set_timeout(SSL_SESSION* sess,long tm), none of them are working for me.
> Do I need to set anything before calling these functions???
Two things come to mind:
* Principal function: the timeout _only_ applies to session resumption: the
client tries to use the same session data for a new session.
It does _not_ implement a "timeout" on the existing session, meaning
that an open connection/session will not be closed after that time.
* Implementation: SSL_set_timeout() and SSL_SESSION_set_timeout() -- both
in fact being identical -- only work the sessions in memory of the
actual process. If the session cache is on a backing store -- somehow
shared between processes -- the change of the timeout setting is not
automatically propagated to the backing store. Therefore other processes
using the same session cache will not learn about the new setting.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
