Extracted from Pike v7.8 release 866 at 2016-11-06.
pike.ida.liu.se
[Top]
SSL
SSL.session

Class SSL.session

Description

The most important information in a session object is a choice of encryption algorithms and a "master secret" created by keyexchange with a client. Each connection can either do a full key exchange to established a new session, or reuse a previously established session. That is why we have the session abstraction and the session cache. Each session is used by one or more connections, in sequence or simultaneously.

It is also possible to change to a new session in the middle of a connection.



Variable identity

string SSL.session.identity

Description

Identifies the session to the server


Variable compression_algorithm

int SSL.session.compression_algorithm

Description

Always COMPRESSION_null.


Variable cipher_suite

int SSL.session.cipher_suite

Description

Constant defining a choice of keyexchange, encryption and mac algorithm.


Variable cipher_spec

.Cipher.CipherSpec SSL.session.cipher_spec

Description

Information about the encryption method derived from the cipher_suite.


Variable ke_method

int SSL.session.ke_method

Description

Key exchange method, also derived from the cipher_suite.


Variable master_secret

string SSL.session.master_secret

Description

48 byte secret shared between the client and the server. Used for deriving the actual keys.


Variable cert_data

mapping SSL.session.cert_data

Description

information about the certificate in use by the peer, such as issuing authority, and verification status.


Variable peer_certificate_chain

array(string) SSL.session.peer_certificate_chain

Description

the peer certificate chain


Variable certificate_chain

array(string) SSL.session.certificate_chain

Description

our certificate chain