This is a multi-part message in MIME format.

------=_NextPart_000_0BCB_01C6E30C.1ABEC360
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding:quoted-printable

Hi,

Mentioned below is a normal tcp scenario. Could someone tell me how the foll=
owing scenario be handled in SSL secured environment

A. Client establishes a tcp connection with the Server
B. Server Forks.
C. Server exec's to start a new process. It passes its socket descriptor to=
the new process as command line argument.
D. The new process uses the socket descriptor to communicate with the client=
..
The idea here is to use the existing tcp connection for communication.

Now, if we have this channel secured with SSL, the Client and Server both wo=
uld have their SSL objects. They will communicate securely through these SSL=
object. The question here is, how can we provide the required SSL object to=
the new process, so that it would start using the pre established secured s=
ession / channel?

One possible solution I could think of is to use shared memory between the S=
erver and new process. The server, before it exec the new process would crea=
te a copy of its SSL object in the shared memory and the new process then wi=
ll use it.

But I am not sure if such copying of SSL object is safe.
Is there any other solution possible?
Could someone guide me through this?

Thank you,
~ Urjit
DISCLAIMER=0A=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A=
This e-mail may contain privileged and confidential information which is the=
property of Persistent Systems Pvt. Ltd. It is intended only for the use of=
the individual or entity to which it is addressed. If you are not the inten=
ded recipient, you are not authorized to read, retain, copy, print, distribu=
te or use this message. If you have received this communication in error, pl=
ease notify the sender and delete all copies of this message. Persistent Sys=
tems Pvt. Ltd. does not accept any liability for virus infected mails.

------=_NextPart_000_0BCB_01C6E30C.1ABEC360
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding:quoted-printable








Hi,

 

Mentioned below is a normal tcp scenario.=
Could
someone tell me how the following scenario be handled in SSL secured
environment

 

A. Client establishes a tcp connection wi=
th the
Server

B. Server Forks.

C. Server exec's to start a new process.=
It
passes its socket descriptor to the new process as command line
argument.

D. The new process uses the socket descri=
ptor to
communicate with the client.

The idea here is to use the existing tcp=

connection for communication
. DIV>
 

Now, if we have this channel secured with=
SSL,
the Client and Server both would have their SSL objects. They will communica=
te
securely through these SSL object.
The=
question
here is, how can we provide the required SSL object to the new process,=
so
that it would start using the pre established secured session /
channel?

 

One possible solution I could think of is=
to use
shared memory between the Server and new process. The server, before it exec=
the
new process would create a copy of its SSL object in the shared memory and t=
he
new process then will use it.

 

But I am not sure if such copying of SSL=
object
is safe.

Is there any other solution
possible?

Could someone guide me through this? T>

 

Thank you,

~ Urjit
DISCLAIMER=0A=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A=
This e-mail may contain privileged and confidential information which is the=
property of Persistent Systems Pvt. Ltd. It is intended only for the use of=
the individual or entity to which it is addressed. If you are not the inten=
ded recipient, you are not authorized to read, retain, copy, print, distribu=
te or use this message. If you have received this communication in error, pl=
ease notify the sender and delete all copies of this message. Persistent Sys=
tems Pvt. Ltd. does not accept any liability for virus infected mails.
>


------=_NextPart_000_0BCB_01C6E30C.1ABEC360--

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org