On Mon, Jan 28, 2008 at 01:23:27PM +0100, Dr. Stephen Henson wrote:

> This is really an omission in the library and there should be a way to copy an
> EVP_CIPHER_CTX. In the case of an ENGINE the data might be (for example) a
> reference to a handle which, if copied, will result in two linked versions of
> the same ctx instead of independent versions.
> So something similar to the EVP_MD_CTX_copy() functionality is needed
> but for ciphers so an ENGINE can do whatever it needs to to copy a context.
> If we add this no existing ENGINE will support it of course.
> If you just want something that works for internal RC4 ciphers then a "hack"
> will do.

On a related note, I would like to be able to pass live "SSL *"
connections between processes. I can pass the file descriptor, but
passing the SSL state with the associated cipher state, ... does not
seem to be possible.

Are these in fact related? What are the most significant obstacles to
migrating SSL connections (not sessions) between processes?

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org