Re: Troubles in re-connect

Mon, 22 Jan 2001 00:59:38 -0800 

Hi Greg, Lutz,

As Lutz proposed, I tried to use SSL_set_session().

Here is how my code looks like, as it still doesn't work :
(---DECLARATION-------)
struct {
.....
SSL*    ssl;
....} sessions[] ;

SSL_CTX*        ctx;
SSL_SESSION*    sslsession;
SSL     *ssl;           /* Struct SSL */
(---INIT-------)
  SSL_load_error_strings();
  OpenSSL_add_ssl_algorithms();
  ctx = SSL_CTX_new (SSLv23_client_method());

Main loop begins here
{
(---CONNECTION-------)
        numconn++ ;
        sessions[numconn].ssl = SSL_new (ctx);
        if (! firsttime)
                {
                err=SSL_set_session(sessions[numconn].ssl,sslsession);
                }
        SSL_set_fd(sessions[numconn].ssl, sockdes);
        err = SSL_connect(sessions[numconn].ssl);
        if (firsttime)
                {
                sslsession=SSL_get0_session(sessions[numconn].ssl);
                }
(---DATA EXCHANGE-------)
............
} Main loop ends here

On the second SSL_connect(), it stops with an error :
1867:error:140920C5:SSL routines:SSL3_GET_SERVER_HELLO:old session
cipher not returned:s3_clnt.c:636:  





Greg Stark wrote:
> 
> 
> sorry for the misinformation. I misunderstood a thread I had read in the
> archives. Just out of curiousity, what do the following functions do:
> 
>  SSL_CTX_set_session_cache_mode( );
>  SSL_CTX_sess_set_cache_size ( );
>  SSL_CTX_set_timeout ( );
> 
> ___________________________________
> Greg Stark
> Ethentica, Inc.
> [EMAIL PROTECTED]
> _____________________________________
> 
> ----- Original Message -----
> From: "Lutz Jaenicke" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Sunday, January 21, 2001 5:08 PM
> Subject: Re: Troubles in re-connect
> 
> > On Sun, Jan 21, 2001 at 02:16:32PM +0100, Patrick CHEMLA wrote:
> > > I'm building a client side application which will have to create
> > > multiple connections to the same server side application which I don't
> > > manage.
> >
> > Automatic session reuse is not possible with OpenSSL.
> > Background: the SSL engine has (nearly) no idea of the underlying
> transport,
> > so especially it does not recognize whether a SSL_connect() is performed
> > with a host already contacted before. Since the client has to send
> > the id of the session to be reused before anything else, automatic
> > session reuse is not possible.
> > Solution: use the SSL_set_session() call to explicitly set the session
> > to be reused (as your application should know best which session should
> > be reused).
> >
> > Best regards,
> > Lutz
> > --
> > Lutz Jaenicke                             [EMAIL PROTECTED]
> > BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> > Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129

-- 
Patrick Chemla
MenSys SA
6, bd de la Libération
93200 SAINT-DENIS
FRANCE
Tél:     +33 1 34.38.43.43
Fax:     +33 1 34.38.43.44
Mobile:  +33 6 07.61.23.12
Email:   [EMAIL PROTECTED]
WebSite: www.mensys.fr
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to