On Wed, Dec 17, 2003 at 03:37:19PM +0000, Philip L Smith wrote:
> I connect fine from one process, display it's details using a version of
> SSL_SESSION_print(out,x)
> (taken from sess_id.c), then save the session in use to a file
...
> This is the output from the session that works
>
> Protocol : TLSv1
> Cipher : RC4-MD5
> Session-ID: 570C00004ADA4D6E3CABB0A26535A1636E8E26A6939C2E97F13EB31DF1777376
> Session-ID-ctx:
> Master-Key:
> 5B5A672CDB645FB6A1E79B53FF23F1447AC2CFE225DB28B7CE7BC14F1D8D3CBDDD10E9FCDC40A1F0DA5E9518D562A56D
> Key-Arg :
> Start Time: 1071659840
> Timeout : 300 (sec)
> Verify return code: 20 (unable to get local issuer certificate)
>
> In the next process, I then re-load the session from disk and set it to
> be the one to use
> (along with some other stuff put in to try and make it work).
...
> // add to all contexts - 1 means not added as already in the cache
> int added = 0;
> added = SSL_CTX_set_session_cache_mode(m_pSslV23Ctx,
> SSL_SESS_CACHE_CLIENT);
> added = SSL_CTX_add_session(m_pSslV23Ctx, &s);
...
It should not be necessary to add the session to the CTX.
> // force it to be used ?
> added = SSL_set_session(m_pSslV23Connection, ps);
...
> ===
>
> This is what is then displayed.
>
> Protocol : TLSv1
> Cipher : 0004
> Session-ID: 570C00004ADA4D6E3CABB0A26535A1636E8E26A6939C2E97F13EB31DF1777376
> Session-ID-ctx:
> Master-Key:
> 5B5A672CDB645FB6A1E79B53FF23F1447AC2CFE225DB28B7CE7BC14F1D8D3CBDDD10E9FCDC40A1F0DA5E9518D562A56D
> Key-Arg :
> Start Time: 1071659840
> Timeout : 300 (sec)
> Verify return code: 20 (unable to get local issuer certificate)
>
> =======
> The Cipher is displayed as the cipher_id, as the cipher is NULL.
Yes. This is no problem in itself, as the cipher is a pointer to an
internal structure and thus cannot be saved, but the cipher id is
a re-usable value. The pointer will however automatically be
regenerated, but this will only happen during the actual negotiation.
So you cannot see it before starting the handshake.
...
Changes between 0.9.6g and 0.9.6h [5 Dec 2002]
...
*) Bugfix: client side session caching did not work with external caching,
because the session->cipher setting was not restored when reloading
from the external cache. This problem was masked, when
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
(Found by Steve Haslam <[EMAIL PROTECTED]>.)
[Lutz Jaenicke]
What version of OpenSSL are you using?
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
