[Help-gnutls] Re: Restore gnutls session after execvp - possible?
Matthias Urlichs
smurf at smurf.noris.de
Sun Dec 11 21:54:59 CET 2005
Hi,
Simon Josefsson:
> How do you achieve that? I thought you had to close sockets and
> re-open them in a new process.
>
If you have an open file descriptor, you can choose whether it is
automagically closed when you execve() something. (fcntl, close-on-exec
flag)
> I don't know how to achieve what you want in GnuTLS, but I don't know
> how to achieve what you already do either (exec another process and
> inherit the open socket) so I may likely be missing something.
> Perhaps others know more.
>
The basic idea is to save the internal gnutls data structure in such a
way that you only need to plug in the file descriptor and everything is
back where it was.
Personally I'd say that
> > - global:
> >
> > gnutls_certificate_free_credentials (gnutls_xcred);
> > gnutls_global_deinit();
> >
Why are you doing that? You're execvp-ing a new process, the data
structures will vanish anyway -- and you risk closing the sockets when you
do this.
> > if (gnutls_handshake (server->gnutls_sess) < 0)
> > printf ("handshake failed\n");
> >
Does that call work when you use it *before* doing your
save-execvp-restore dance?
--
Matthias Urlichs | {M:U} IT Design @ m-u-it.de | smurf at smurf.noris.de
Disclaimer: The quote was selected randomly. Really. | http://smurf.noris.de
- -
You can have whiskey as your friend. You can have a dog as your friend. But
if you have a woman as your friend, you're going to wind up drunk and kissing
your dog.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: </pipermail/attachments/20051211/b5c60561/attachment.pgp>
More information about the Gnutls-help
mailing list