Topic: Force Reuse, Porting Old Code

I am porting some code from wolfSSL 1.5 to 2.6.

Most APIs seem very stable but I came upon this which uses an internal api (used to be in wolfssl_int.h):

static void saveforreuse(iao_connection *c)
        if (doreuse(c))
                agentsslsession = SSL_get_session(c->ssl);
                agentsslsession->bornOn = LowResTimer();

I am guessing from the function names that the programmer was aiming to force the system to keep using the same ssl session across hits (the use case is a 5 minute https keep alive).

Does this make any sense? Would it have the intended effect?
What is the correct way of doing this in the 2.6 release?



Re: Force Reuse, Porting Old Code

The proper way to do this is to extend the timeout value that is compared with the bornOn time.  This can be done with:


It defaults to 500 seconds, but wolfSSL_set_timeout() can increase that value to whatever you like.