CTX and SSL token format

CTX and SSL tokens are 32 bits with the following format:

xxxxxxxx xxxxxxxx xxxxxxxx nnnnnnnn

In this format:

• Bits 0 to 23 are incremented each time a token is assigned. Values 0 to 4095 (X'000'to X'FFF' for these bits are used for CTX structures that exist in multiple SSL daemon processes. Values of 4096 or higher are used for a CTX structure owned by only one SSL daemon process or an SSL structure that, by definition, is owned by one SSL daemon process. When the value of all 32 bits reaches CPMGMNMEG, bits 0 to 23 are reset to 4096. Many tokens will be created by a process before the same token value is used again.
• Bits 24 to 31 indicate which SSL daemon process created the token (owns the CTX or SSL token). A value of X'FE' or X'FF' indicates that this token represents a CTX structure that exists in a multiple SSL daemon process.

For example, the first five tokens created by SSL daemon process X'02' that are CTX or SSL structures owned by this process would be as follows:

• X'00 10 00 02'
• X'00 10 01 02'
• X'00 10 02 02'
• X'00 10 03 02'
• X'00 10 04 02'

When the application issues the SSL_new_shared call, it can optionally pass a name. That name is looked up in the /etc/sslshared.txt file to determine which SSL daemon process will control the sessions for this application (meaning in which SSL daemon process the CTX structure will be created). For example, the /etc/sslshared.txt file might contain the following: