SSL session key

[Andries]

Hi Yaroslav,

Is it possible to retrieve the SSL session key in a program?

Thanks,

Andries

[Yaroslav]

Hi Andries,

You can access GNUTLS structures like this:

conn->sock.session - this field is of type gnutls_session_t

You can use various GNUTLS functions to retrieve information you need.

Yaroslav

--
You received this message because you are subscribed to the Google Groups "nxweb" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nxweb+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Andries Arijs]

OK, thanks, it worked.

Another question: do you keep some kind of unique identifier per client over a normal HTTP connection (like an SSL session key for https)?

I ask this, because I want to use this for encrypting my session data and prevent replay attacks.

--
You received this message because you are subscribed to a topic in the Google Groups "nxweb" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/nxweb/RC9x-8eGKew/unsubscribe.
To unsubscribe from this group and all its topics, send an email to nxweb+un...@googlegroups.com.

[Yaroslav]

There is unique connection ID: conn->uid of type uint64_t. But this does not identify client or session. Sessions can span over multiple connections, and clients can have multiple sessions. Client or session tracking is usually done by cookies at application level.