Timo Sirainen | 30 Jul 17:39 2002
Picon
Picon

passing SSL connection to another process

My server is made of two processes, one handling the login and another
handling the actual connection after that, using unix socket to pass the fd
to the other process.

But now that I'm beginning to implement SSL/TLS support for it, it's
beginning to look a bit difficult.. Is there some way I could save the
gnutls state and transfer it to another process with the fd? Or some other
hopefully not too kludgy way to do it?

Of course, I'll anyway support doing this through SSL proxy process which
itself connects to the actual server process with unix sockets, but that
means extra processes..

Another thing that isn't quite clear from the documentation is how to use
gnutls with nonblocking I/O. All functions returning GNUTLS_E_AGAIN should
be called again, but I'd also need to know if it happened on read or write,
so I could call it again at proper time. I think this is a problem only with
gnutls_handshake()?

Gmane