SSL Session ID chaining

SSL Session ID chaining

am 04.05.2010 20:36:44 von Klaubert Herr da Silveira

Hi

I recently found a patch for mod_ssl trunk
(http://svn.apache.org/viewvc?view=3Drevision&revision=3D779 005) and it is
in 2.3.5-alpha the SSL_SESSION_RESUMED, that is "Initial or Resumed
SSL Session. Note: multiple requests may be served over the same
(Initial or Resumed) SSL session if HTTP KeepAlive is in use". However
it show the 1st request as "Initial", and "resumed" on nexts requests
inside the same SSL_SESSION_ID (sometimes it show other "Initial" in
the same SSL_SESSION_ID, maybe because are in other tcp connection).

I had a situation were I make a client certificate authentication and
I need to know how to get if a SSL_SESSION_ID is the first and the
others are renegotiated (assuming a 5min. timeout), in a way showed
bellow:

Timestamp :SSL_SESSION_ID : Status
00:00:00 : AAAAAA : Initial
00:05:00 : BBBBBB =A0 : Renegotiated
00:10:00 : CCCCCC : Renegotiated
00:15:00 : DDDDDD : Renegotiated
00:20:00 : EEEEEE : Renegotiated

I can't find a way to make a relatioship between the SSL_SESSION_ID's,
how can I get this?


Best regards,

Klaubert Herr
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org