[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] session ticket support
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: [PATCH] session ticket support |
Date: |
Fri, 17 Jul 2009 22:01:04 +0300 |
User-agent: |
Thunderbird 2.0.0.22 (X11/20090608) |
Daiki Ueno wrote:
>> - Have you checked this implementation against others?
> Not yet. I'll check it against OpenSSL this weekend.
Please let me know of results.
>> - It seems gnutls_session_ticket_enable_server() requires some random
>> key to be available. Do you have thought a way for this key to be generated?
>
> Though I have no idea how to generate that key, how about an interface
> something like:
>
> gnutls_session_ticket_server_key_t key;
>
> gnutls_session_ticket_allocate_server_key (&key);
> /* NULL for generating a random key internally. */
> gnutls_session_ticket_set_server_key (key, NULL, -1);
>
> for (;;)
> {
> sd = accept (listen_sd, ...);
> ...
> /* Generate only IV here. */
> gnutls_session_ticket_enable_server (session, key);
> }
>
> Sorry if I'm missing the subject.
No you are correct. However I would go a step further and make the
randomization it explicitly, in order to allow storing of those
somewhere (for a web server to reuse). An API could be:
int gnutls_session_ticket_allocate_server_key (&key);
int gnutls_session_ticket_randomize (key);
int gnutls_session_ticket_export (key, uint8_t* data, size_t* size); /*
to save into a file */
int gnutls_session_ticket_import (key, const uint8_t* data, size_t
size); /* to load from a file */
Would you be interested into implementing this as well? Alternatively I
could work on it once all paper work is done.
best regards,
Nikos
- [PATCH] session ticket support, Daiki Ueno, 2009/07/14
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/14
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/16
- Re: [PATCH] session ticket support, Daiki Ueno, 2009/07/17
- Re: [PATCH] session ticket support,
Nikos Mavrogiannopoulos <=
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/25
- Re: [PATCH] session ticket support, Daiki Ueno, 2009/07/25
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/26
- Re: [PATCH] session ticket support, Daiki Ueno, 2009/07/27
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/29
- Re: [PATCH] session ticket support, Nikos Mavrogiannopoulos, 2009/07/30