Message216685
| Author |
pitrou |
| Recipients |
WadeC, christian.heimes, dstufft, fweimer, giampaolo.rodola, janssen, jcea, pitrou |
| Date |
2014年04月17日.11:09:24 |
| SpamBayes Score |
-1.0 |
| Marked as misclassified |
Yes |
| Message-id |
<1397732965.24.0.0947179268841.issue8106@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
Ok, I propose the following plan:
- add a new opaque type allowing to wrap a SSL_SESSION
- add a get_session() method to SSLSocket, returning the current session
- add an optional "session=..." parameter to SSLContext.wrap_socket, allowing to specify a session which we hope to reuse during the handshake
There is however, one complication (from OpenSSL man pages):
"""SSL_SESSION objects keep internal link information about the session cache list, when being inserted into one SSL_CTX object's session cache. One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object)."""
So we would somehow also need to keep a pointer to the SSL context in our session object wrapper, and check that the session isn't reused with another context... (yuck) |
|