Open Bug 51469 Opened 24 years ago Updated 2 years ago

force restart handshake to switch to existing new session

Categories

(NSS :: Libraries, enhancement, P3)

Product:
NSS
Component:
Libraries
Type:
enhancement

Tracking

(Not tracked)

Status:
ASSIGNED

People

(Reporter: nelson, Unassigned)

Details

After a connection has been established and an initial SSL handshake
has been completed, the SSL client API presently allows one to force 
a full handshake on an existing SSL connection (which starts a new
SSL session), and to force a "restart" handshake re-using the same
SSL session (same master secret) currently in use on the connection.

However, a scenario can arise in which, during the lifetime of one
SSL connection, another thread does a full handshake with the same
server, establishing a new SSL session with that server.  It can be
desirable under certain circumstances (e.g. benchmarks) for the 
existing SSL connections to switch from the old SSL session to the 
new SSL session by doing a "restart" handshake using the session 
ID of the new session (obtained from the client's session cache).

Presently, the SSL client API does not permit this.  There is no way
to get the SSL code to forget its current SSL session ID, and go back
to the client session cache and get the newer session ID during an 
SSL connection.  Presently it is necessary to start a new TCP connection
to accomplish this switch over.  

A way to force a "restart" handshake to switch to the newer session is 
desirable.
Status: NEW → ASSIGNED
This enhancement would really benefit stress test (benchmark) clients,
such as the TPCW benchmark client.
Target Milestone: --- → 3.2
Changing target to 3.3
Target Milestone: 3.2 → 3.3
Target Milestone: 3.3 → 3.4
Set target milestone to NSS 3.5.
Target Milestone: 3.4 → 3.5
Target Milestone: 3.5 → Future
QA Contact: wtchang → libraries
thanks
Assignee: nelson → nobody
Target Milestone: Future → ---
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.