SYSTEMS AND METHODS FOR HANDLING SSL SESSION NOT REUSABLE ACROSS MULTIPLE CORES
First Claim
1. A method of identifying an SSL session as not reusable among cores in a multi-core system, the method comprising:
- a) indicating, by a first packet engine executing on a first core of a multi-core system, that an SSL session is not reusable;
b) identifying, by the first packet engine responsive to the indication, one or more or core identifiers of one or more cores of the multi-core system that have requested session information for the SSL session;
c) transmitting, by the first packet engine, to each of the identified one or more cores of the multi-core system a message indicating that the SSL session is not reusable;
d) receiving, by a second packet engine of a second core of the multi-core system, a request to reuse the SSL session established by the first core, the request comprising a session identifier of the SSL session, the session identifier identifying the first core as an establisher of the SSL session;
e) identifying, by the second packet engine, from the session identifier that the second core is not the establisher of the SSL session; and
f) determining not to reuse, by the second packet engine, the SSL session based on the message from the first core and the identification that the second core is not the establisher of the SSL session.
7 Assignments
0 Petitions
Accused Products
Abstract
The present invention is directed towards systems and methods for managing SSL session persistence and reuse in a multi-core system. A first core may indicate that an SSL session established by the first core is non-resumable. Responsive to the indication, the core may set an indicator at a location in memory accessible by each core of the multi-core system, the indicator indicating that the SSL session is non-resumable. A second core of the multi-core system may receive a request to reuse the SSL session. The request may include a session identifier of the SSL session. In addition, the session identifier may identify the first core as an establisher of the SSL session. The second core can identify from encoding of the session identifier whether the second core is not the establisher of the SSL session. Responsive to the identification, the second core may determine whether to resume the SSL session.
9 Citations
20 Claims
-
1. A method of identifying an SSL session as not reusable among cores in a multi-core system, the method comprising:
-
a) indicating, by a first packet engine executing on a first core of a multi-core system, that an SSL session is not reusable; b) identifying, by the first packet engine responsive to the indication, one or more or core identifiers of one or more cores of the multi-core system that have requested session information for the SSL session; c) transmitting, by the first packet engine, to each of the identified one or more cores of the multi-core system a message indicating that the SSL session is not reusable; d) receiving, by a second packet engine of a second core of the multi-core system, a request to reuse the SSL session established by the first core, the request comprising a session identifier of the SSL session, the session identifier identifying the first core as an establisher of the SSL session; e) identifying, by the second packet engine, from the session identifier that the second core is not the establisher of the SSL session; and f) determining not to reuse, by the second packet engine, the SSL session based on the message from the first core and the identification that the second core is not the establisher of the SSL session. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for identifying an SSL session as not reusable among cores in a multi-core system, the system comprising:
-
a device comprising a plurality of cores; a first packet engine executable on a first core of the plurality of cores and configured to indicate that an SSL session is not reusable; and
responsive to the indication, to identify one or more or core identifiers of one or more cores of the plurality of cores that have requested session information for the SSL session, and transmit to each of the identified one or more cores of the plurality of cores a message indicating that the SSL session is not reusable;a second packet engine executable on a second core of the plurality of cores and configured to receive a request to reuse the SSL session established by the first core, the request comprising a session identifier of the SSL session, the session identifier identifying the first core as an establisher of the SSL session; wherein second packet engine is configured to identify from the session identifier that the second core is not the establisher of the SSL session and determine not to reuse the SSL session based on the message from the first core and the identification that the second core is not the establisher of the SSL session. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification