I connect fine from one process, display its details using a version of SSL_SESSION_print(out,x)
(taken from sess_id.c), then save the session in use to a file
===
// save the session to disk
FILE* filePtr;
char fileString[128];
sprintf(fileString, "/tmp/session_id");
if ((filePtr = fopen(fileString, "w+")) != NULL) {
    // write the data to the file
    PEM_write_SSL_SESSION(filePtr, ssl_session);
    // close the file
    fclose(filePtr);
}
===
This is the output from the session that works
Protocol : TLSv1
Cipher : RC4-MD5
Session-ID: 570C00004ADA4D6E3CABB0A26535A1636E8E26A6939C2E97F13EB31DF1777376
Session-ID-ctx:
Master-Key: 5B5A672CDB645FB6A1E79B53FF23F1447AC2CFE225DB28B7CE7BC14F1D8D3CBDDD10E9FCDC40A1F0DA5E9518D562A56D
Key-Arg :
Start Time: 1071659840
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
In the next process, I then re-load the session from disk and set it to be the one to use
(along with some other stuff put in to try and make it work).
=== (code with non-relevant bits stripped out)
// load the session from disk
FILE * filePtr;
char fileString[128];
sprintf(fileString, "/tmp/session_id");
Trace("Loading SSL Session",fileString,0);
if ((filePtr = fopen(fileString, "r")) != NULL) {
    SSL_SESSION s;
    SSL_SESSION * ps;
    ps = &s;
    ps = PEM_read_SSL_SESSION(filePtr, &ps, NULL, NULL);
    ps = &s;
    ssl_session_print (ps);
    // add to all contexts - 1 means not added as already in the cache
    int added = 0;
    added = SSL_CTX_set_session_cache_mode(m_pSslV23Ctx, SSL_SESS_CACHE_CLIENT);
    added = SSL_CTX_add_session(m_pSslV23Ctx, &s);
    // force it to be used ?
    added = SSL_set_session(m_pSslV23Connection, ps);
    // close the file
    fclose(filePtr);
}
===
This is what is then displayed.
Protocol : TLSv1
Cipher : 0004
Session-ID: 570C00004ADA4D6E3CABB0A26535A1636E8E26A6939C2E97F13EB31DF1777376
Session-ID-ctx:
Master-Key: 5B5A672CDB645FB6A1E79B53FF23F1447AC2CFE225DB28B7CE7BC14F1D8D3CBDDD10E9FCDC40A1F0DA5E9518D562A56D
Key-Arg :
Start Time: 1071659840
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
=======
The Cipher is displayed as the cipher_id, as the cipher is NULL.
When a connection is made, a new session is created, presumably because the cipher didn't match the one from before.
The server I am talking to is IIS/6.0 through a load balancer which uses the session-id to determine which of 10
servers to send the request to.
The question:
=============
How do I either get the cipher object exported and copied across and re-imported, or set it up so I can re-connect?
Any help would be greatly appreciated.
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]