Is it a problem if multiple different accepting sockets use the same OpenSSL context?

views:

148

answers:

+1 Q:

Is it a problem if multiple different accepting sockets use the same OpenSSL context?

Is it OK if the same OpenSSL context is used by several different accepting sockets?

In particular I'm using the same boost::asio::ssl::context with 2 different listening sockets.

+1 A:

Yep, SSL_CTX--which I believe is the underlying data structure--is just a global data structure used by your program. From ssl(3):

SSL_CTX (SSL Context)

That's the global context structure which is created by a server or client once per program life-time and which holds mainly default values for the SSL structures which are later created for the connections.

sixlettervariables 2008-09-21 16:51:31

Do you mean yes it is ok because of that reason?

Brian R. Bondy 2008-09-21 16:52:57

@Brian R. Bondy: I updated it to change the language...since I botched the 'Nope' part! Thanks.

sixlettervariables 2008-09-21 16:53:20

+1 A:

It should be OK.

For example a typical RFC4217 FTPS server will use the same SSL context for the control socket and all data sockets within that session.

slim 2008-09-21 16:53:11

Great, thanks for the example.

Brian R. Bondy 2008-09-21 16:54:25

Only within that session? Or within all sessions of the server?

Brian R. Bondy 2008-09-21 17:14:11

ansaurus

tags:

views:

answers:

Is it a problem if multiple different accepting sockets use the same OpenSSL context?

related questions