[Help-gnutls] Re: Restore gnutls session after execvp - possible?
flashcode at flashtux.org
Sun Dec 11 23:33:30 CET 2005
On Sun, Dec 11, 2005 at 10:46:15PM +0100, Simon Josefsson wrote:
> Matthias Urlichs <smurf at smurf.noris.de> writes:
> > Hi,
> > Simon Josefsson:
> >> How do you achieve that? I thought you had to close sockets and
> >> re-open them in a new process.
> > If you have an open file descriptor, you can choose whether it is
> > automagically closed when you execve() something. (fcntl, close-on-exec
> > flag)
> Oh. I see. Thanks for the pointer.
> >> I don't know how to achieve what you want in GnuTLS, but I don't know
> >> how to achieve what you already do either (exec another process and
> >> inherit the open socket) so I may likely be missing something.
> >> Perhaps others know more.
> > The basic idea is to save the internal gnutls data structure in such a
> > way that you only need to plug in the file descriptor and everything is
> > back where it was.
> Right. I don't think this is possible.
> The resume data that is stored is not intended for this use. It is
> intended where you create a new connection and want to re-use earlier
> TLS handshakes to optimize things.
> It _may_ be possible to use the resume stuff for this purpose, most of
> the useful data items are present. I think it require a new API.
> E.g., gnutls_resume_connect that accept the resume data.
> Further, I'm not sure I understand _why_ this is done. Perhaps if you
> describe why you want to execvpe and carry over the TLS-protected
> socket to the new process, we can suggest better solutions.
> Still, if someone want to make this work, I'd welcome any patches.
Hi Matthias and Simon,
I tried without:
My goal is to be able to launch new version of IRC client, without
disconnecting from IRC server, so use same socket and gnutls
Today I forbid any upgrade when gnutls is used, since it seems not
possible to do such re-connection by resuming gnutls data.
If this is possible in the future, feel free to tell me.
Cordialement / Best regards
Web: http://www.flashtux.org - email: flashcode at flashtux.org
IRC: FlashCode at irc.freenode.net - Jabber: flashcode at jabber.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
More information about the Gnutls-help