OpenSSL是否每个进程允许多个SSL_CTX,一个SSL_CTX用于服务器会话,另一个SSL_CTX用于客户端会话? [英] Does OpenSSL allow multiple SSL_CTX per process, one SSL_CTX used for server sessions and the other SSL_CTX for client sessions?

查看:199
本文介绍了OpenSSL是否每个进程允许多个SSL_CTX,一个SSL_CTX用于服务器会话,另一个SSL_CTX用于客户端会话?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个Linux进程,该进程需要充当SSL服务器(来自其他客户端的接受和服务连接),但也需要(在同一过程中)启动与其他SSL服务器的客户端会话.

I have a Linux process that needs to act as an SSL server (accept and service connections from other clients) but also needs to - in the same process - initiate client sessions with other SSL servers.

我打算使用两个SSL_CTX_new()函数调用来创建两个单独的SSL_CTX句柄,一个使用服务器方法调用,另一个使用客户端方法调用.是否在单个过程中支持OpenSSL这样的双重用途?我希望OpenSSL使用SSL_CTX句柄-并且不依赖于全局或静态局部变量-对于创建和服务新会话可能需要的所有上下文信息.这是一个很好的假设吗?

I intend to create two separate SSL_CTX handles using two SSL_CTX_new() function calls, one invoked with server methods and the other with client methods. Is such dual-use of OpenSSL within a single process supported? My hope is that OpenSSL uses the SSL_CTX handle - and does not rely on global or static local variables - for all context information it may need to create and service new sessions. Is this a good assumption?

推荐答案

根据我的经验:只要正确初始化了OpenSSL库,您就可以自由创建多个上下文.如OpenSSL手册页所述,在设置线程锁定后,我在同一应用程序中使用了两种不同的上下文,没有问题: http://www.openssl.org/docs/crypto/threads.html .如果您的应用程序不使用线程,则根本不需要这样的设置.

From my experience: you can freely create several contexts as long as you properly initialized OpenSSL library. I have used two different contexts in the same application with no problems after having set up threading locks as described in OpenSSL man page: http://www.openssl.org/docs/crypto/threads.html. If your app doesn't use threads you won't need such setup at all.

这篇关于OpenSSL是否每个进程允许多个SSL_CTX,一个SSL_CTX用于服务器会话,另一个SSL_CTX用于客户端会话?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆