[openssl-users] renegotiate across exec()
Felipe Gasper
felipe at felipegasper.com
Fri Mar 2 15:24:59 UTC 2018
> On Mar 2, 2018, at 12:44 AM, Viktor Dukhovni <openssl-users at dukhovni.org> wrote:
>
>> On Mar 1, 2018, at 10:39 PM, Felipe Gasper <felipe at felipegasper.com> wrote:
>>
>> Hi all,
>>
>> I’ve got a project where I’m trying to send a Hello Request from the server immediately before an exec(), then renegotiate the SSL connection.
>>
>> What is the easiest way to send *just* a Hello Request from a server?
>
> You actually have a more severe problem. The session is already established
> and so the renegotiation must happen over an already encrypted channel. But
> there's no API to export the cryptographic state for use in the new executable.
>
> I believe you're out of luck. I believe that OpenSSL does not support migration
> of live connections between address spaces.
Doh!
Eh well. Thank you for clarifying.
-Felipe
More information about the openssl-users
mailing list