Hi

I have (for a while now) been writing a Windows/UNIX application incorporating OpenSSL. So far it is all working very nicely indeed.

One concern I have is within firewalled environments. I am no firewall expert, but I understand that some firewalls will block TCP traffic on connections that have not been actively sending for more than a few minutes. So if your app is unaware of the existence of the firewall, it will get send timeout failures on sockets it hasn't used for a while ... and you have to re-tcp connect to continue.

I would like my application to work seamlessly in such environments. Now, if I was doing the low-level reads/writes myself (rather than calling in to the OpenSSL library) I would be adding some sort of keep-alive pulse. I am just wondering if anyone has thought of this problem with SSL/OpenSSL? I guess you would want some kind of out-of-band pulse? (It wouldn't be a good idea to start encrypting/decrypting pulses every few seconds!)

Any comments, anyone?

cheers,
Neil Humphreys