The following sequence of calls will fail when
my_session->ssl_version == SSL2_VERSION:
SSL_set_session(my_ssl, my_session);
SSL_set_connect_state(my_ssl); /* Probably not really needed,
but doesn't matter */
SSL_connect(my_ssl); /* Returns -1 */
ERR_print_error(my_errbio);
The printout will be:
28:error:140750DD:SSL routines:SSL23_CONNECT:ssl23 doing session id
reuse:s23_clnt.c:132:
... or something very similar.
The reason for all this is actually that ssl23_get_method() (which is
called downstreams from SSL_set_session()) in s23_meth.c will return
the result of SSLv23_method() when presented with SSL2_VERSION as
input argument, while it will give the results from SSLv3_method() and
TLSv1_method() for SSL3_VERSION and TLS1_VERSION respectively. What
happens next is that ssl23_connect() is called with an SSL in the
state SSL_ST_CONNECT|SSL_ST_BEFORE. The first thing that is checked
is if there's a session connected to the SSL, and if there is, the
error given above is signaled.
Unless someone tells me the behavior of ssl23_get_method() is correct
visavi SSLv2, I'll change it ro return the result of SSLv2_method().
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Session reuse on client side when the session runs SSLv2 fails
Richard Levitte - VMS Whacker Thu, 01 Mar 2001 10:08:11 -0800
- Re: Session reuse on client side when the se... Richard Levitte - VMS Whacker
- Re: Session reuse on client side when t... Lutz Jaenicke
- Re: Session reuse on client side when t... Richard Levitte - VMS Whacker
- Re: Session reuse on client side wh... Lutz Jaenicke
