On 2012-06-09 16:11, Timo Sirainen wrote:
On 9.6.2012, at 4.55, Matthias-Christian Ott wrote:
Yes, there is. You have to replicate the entire state of the IMAP session (protocol states, buffers, TLS state etc.) and the TCP state of the connection. The state of the IMAP session is (in theory) easily replicable (although you probably have to rely on internals of the TLS implementation; OpenSSL can serialise TLS sessions from/into ASN.1 via i2d_SSL_SESSION, though this is meant to resume session via TLS)
Interesting! I thought OpenSSL didn't have a way to [de]serialize the session state. The first time I wanted to do that was 13 years ago. I see there are some google hits for i2d_SSL_SESSION, but do you already know a good web page / example code I could look at?
The Apache httpd module mod_ssl uses it.
GnuTLS has similar functions with gnutls_db_*, although it's also only intended to be used to resume a session. Have look at the Apache httpd module mod_gnutls.
Regards, Matthias-Christian