[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-users
Subject: Re: [openssl-users] Backup of existing ssl connection
From: "Short, Todd via openssl-users" <openssl-users () openssl ! org>
Date: 2018-08-28 19:27:37
Message-ID: 9960DDE9-54EB-441E-9B63-E7F618854616 () akamai ! com
[Download RAW message or body]
[Attachment #2 (text/plain)]
Agreed, Iooked at this when creating a failover service, and trying to replicate all \
the TCP and TLS data ended up using significant CPU processing and network bandwidth \
that it wasn't worth it; in addition to intrusive OpenSSL changes.
You should try to have a way to detect and re-establish a failed connection; it's \
significantly easier to do, and requires no modification of the OpenSSL code. \
Alternatively, having two simultaneous connections might work out.
--
-Todd Short
// tshort@akamai.com<mailto:tshort@akamai.com>
// "One if by land, two if by sea, three if by the Internet."
On Aug 23, 2018, at 8:36 AM, Salz, Rich via openssl-users \
<openssl-users@openssl.org<mailto:openssl-users@openssl.org>> wrote:
> I want to take backup of existing ssl connection. Use this backup connection in \
> other slave board. This backup include keys and sequence no, ssl version etc. Is \
> Openssl support any api to take backup of existing ssl connection?
No. This is not currently possible, and is unlikely to ever happen in OpenSSL. It's \
too hard.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Attachment #3 (text/html)]
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: \
after-white-space;" class=""> Agreed, Iooked at this when creating a failover \
service, and trying to replicate all the TCP and TLS data ended up using significant \
CPU processing and network bandwidth that it wasn't worth it; in addition to \
intrusive OpenSSL changes. <div class=""><br class="">
</div>
<div class="">You should try to have a way to detect and re-establish a failed \
connection; it's significantly easier to do, and requires no modification of the \
OpenSSL code. Alternatively, having two simultaneous connections might work out.<br \
class=""> <div class="">
<div class="">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: \
start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; \
word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; \
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""> <div \
style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; \
text-indent: 0px; text-transform: none; white-space: normal; widows: auto; \
word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; \
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""> <div \
class="">--</div> <div class="">-Todd Short</div>
<div class="">// <a href="mailto:tshort@akamai.com" \
class="">tshort@akamai.com</a></div> <div class="">// "One if by land, two if by \
sea, three if by the Internet."</div> </div>
</div>
</div>
<div><br class="">
<blockquote type="cite" class="">
<div class="">On Aug 23, 2018, at 8:36 AM, Salz, Rich via openssl-users <<a \
href="mailto:openssl-users@openssl.org" class="">openssl-users@openssl.org</a>> \
wrote:</div> <br class="Apple-interchange-newline">
<div class="">
<div class="WordSection1" style="page: WordSection1; caret-color: rgb(0, 0, 0); \
font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: \
normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: \
0px; text-transform: none; white-space: normal; word-spacing: 0px; \
-webkit-text-stroke-width: 0px; text-decoration: none;"> <div style="margin: 0in 0in \
0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;" class=""> <b \
class=""><span style="font-size: 12pt;" class="">></span></b>I want to take backup \
of existing ssl connection. Use this backup connection in other slave board. \
This backup include keys and sequence no, ssl version etc.<o:p \
class=""></o:p></div> <div class="">
<div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, \
sans-serif;" class=""> >Is Openssl support any api to take backup of existing ssl \
connection?<o:p class=""></o:p></div> </div>
<div class="">
<div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, \
sans-serif;" class=""> <o:p class=""> </o:p></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 11pt; font-family: Calibri, \
sans-serif;" class=""> No. This is not currently possible, and is unlikely to \
ever happen in OpenSSL. It's too hard.<o:p class=""></o:p></div> </div>
</div>
<span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; \
font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: \
normal; text-align: start; text-indent: 0px; text-transform: none; white-space: \
normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; \
float: none; display: inline !important;" class="">--<span \
class="Apple-converted-space"> </span></span><br style="caret-color: rgb(0, 0, \
0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: \
normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: \
0px; text-transform: none; white-space: normal; word-spacing: 0px; \
-webkit-text-stroke-width: 0px; text-decoration: none;" class=""> <span \
style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; \
font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: \
normal; text-align: start; text-indent: 0px; text-transform: none; white-space: \
normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; \
float: none; display: inline !important;" class="">openssl-users mailing \
list</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: \
12px; font-style: normal; font-variant-caps: normal; font-weight: normal; \
letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; \
white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; \
text-decoration: none;" class=""> <span style="caret-color: rgb(0, 0, 0); \
font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: \
normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: \
0px; text-transform: none; white-space: normal; word-spacing: 0px; \
-webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline \
!important;" class="">To unsubscribe:<span \
class="Apple-converted-space"> </span></span><a \
href="https://mta.openssl.org/mailman/listinfo/openssl-users" style="color: rgb(149, \
79, 114); text-decoration: underline; font-family: Helvetica; font-size: 12px; \
font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: \
normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; \
white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-size-adjust: auto; \
-webkit-text-stroke-width: 0px;" \
class="">https://mta.openssl.org/mailman/listinfo/openssl-users</a></div> \
</blockquote> </div>
<br class="">
</div>
</div>
</body>
</html>
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
--===============2087327501663032594==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic