[openssl-users] renegotiate across exec()

Felipe Gasper felipe at felipegasper.com
Fri Mar 2 15:24:59 UTC 2018

> On Mar 2, 2018, at 12:44 AM, Viktor Dukhovni <openssl-users at dukhovni.org> wrote:
>> On Mar 1, 2018, at 10:39 PM, Felipe Gasper <felipe at felipegasper.com> wrote:
>> Hi all,
>> 	I’ve got a project where I’m trying to send a Hello Request from the server immediately before an exec(), then renegotiate the SSL connection.
>> 	What is the easiest way to send *just* a Hello Request from a server?
> You actually have a more severe problem.  The session is already established
> and so the renegotiation must happen over an already encrypted channel.  But
> there's no API to export the cryptographic state for use in the new executable.
> I believe you're out of luck.  I believe that OpenSSL does not support migration
> of live connections between address spaces.


Eh well. Thank you for clarifying.


More information about the openssl-users mailing list