Message216685
Ok, I propose the following plan:
- add a new opaque type allowing to wrap a SSL_SESSION
- add a get_session() method to SSLSocket, returning the current session
- add an optional "session=..." parameter to SSLContext.wrap_socket, allowing to specify a session which we hope to reuse during the handshake
There is however, one complication (from OpenSSL man pages):
"""SSL_SESSION objects keep internal link information about the session cache list, when being inserted into one SSL_CTX object's session cache. One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object)."""
So we would somehow also need to keep a pointer to the SSL context in our session object wrapper, and check that the session isn't reused with another context... (yuck) |
|
Date |
User |
Action |
Args |
2014-04-17 11:09:25 | pitrou | set | recipients:
+ pitrou, jcea, janssen, giampaolo.rodola, christian.heimes, dstufft, fweimer, WadeC |
2014-04-17 11:09:25 | pitrou | set | messageid: <1397732965.24.0.0947179268841.issue8106@psf.upfronthosting.co.za> |
2014-04-17 11:09:25 | pitrou | link | issue8106 messages |
2014-04-17 11:09:24 | pitrou | create | |
|