I'm writing a client app that connects to ftp-secure servers.  Some of
these servers expect the 2nd SSL data connection to re-use (?) the ssl
session from the 1st ssl control connection.

Sorry if I'm getting the terminology wrong!  Here is a post I found from
someone who seems to have been doing the same thing:
http://stackoverflow.com/questions/7786352/ssl-session-resume-on-ftp-transfer-connection-with-openssl

My client app works on linux, but it fails during the ssl handshake when I
run it on the Mac.  I suspect that I haven't done it right, cause even on
linux the SSL_connect() call is returning an error which I'm currently
ignoring.

Here is how I set up the single context prior to establishing any
connections:

    long mode = SSL_CTX_get_session_cache_mode( ctx );
    mode |= SSL_SESS_CACHE_CLIENT;
    SSL_CTX_set_session_cache_mode( ctx, mode );

The first SSL connection works great, so I know I'm partway there.  While
that first socket remains connected, here is my attempt at re-using the ssl
session to establish a 2nd ssl connection:

    SSL_SESSION *session = SSL_get1_session( ctrlSSL );
    int rc = SSL_set_session( dataSSL, session );
    if ( rc != 1 ) throw std::runtime_error(
        "failed to set the data channel ssl session" );
    rc = SSL_connect( dataSSL );
    if ( rc != 1 ) .....

At this point in the code, rc==-1 and SSL_get_error() gives me a value of 2
(SSL_ERROR_WANT_READ).  If I ignore this error on linux, then everything
seems to work, though that isn't the case on Mac.

To complicate matters somewhat, I'm using boost::asio for my ssl sockets.
Though at this point I suspect it is my misunderstanding of how to use
OpenSSL correctly.

I have a sample app I wrote to demonstrate this problem:
http://charette.no-ip.com:81/asio-openssl/

Any help would be greatly appreciated!

Stéphane Charette
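
The sequence described in the post above, as an added example that is not part of the original message or the poster's sample app. It is written in Python because its `ssl` module wraps the same OpenSSL calls: `session=` corresponds to `SSL_set_session()`, `SSLWantReadError` to `SSL_ERROR_WANT_READ`, and `session_reused` to `SSL_session_reused()`. The names `finish_handshake` and `open_data_channel` are hypothetical, and the data address is assumed to be already parsed from the server's PASV/EPSV reply.

```python
import select
import socket
import ssl


def finish_handshake(tls, timeout=10.0):
    """Drive a non-blocking TLS handshake until it completes.

    SSLWantReadError / SSLWantWriteError are OpenSSL's SSL_ERROR_WANT_READ /
    SSL_ERROR_WANT_WRITE: "not finished, retry when the socket is ready",
    not a failure and not something to ignore. Returns the retry count.
    """
    retries = 0
    while True:
        try:
            tls.do_handshake()
            return retries
        except ssl.SSLWantReadError:
            ready = select.select([tls], [], [], timeout)[0]
        except ssl.SSLWantWriteError:
            ready = select.select([], [tls], [], timeout)[1]
        if not ready:
            raise TimeoutError("TLS handshake timed out")
        retries += 1


def open_data_channel(ctx, ctrl_tls, addr, server_hostname, timeout=10.0):
    """Open an FTPS data connection that resumes the control channel's session.

    ctx must be the same SSLContext that produced ctrl_tls; addr is the
    (host, port) from the server's PASV/EPSV reply (assumed already parsed).
    """
    raw = socket.create_connection(addr, timeout=timeout)
    raw.setblocking(False)
    data = ctx.wrap_socket(
        raw,
        server_hostname=server_hostname,
        session=ctrl_tls.session,       # same effect as SSL_set_session()
        do_handshake_on_connect=False,  # the handshake is driven below
    )
    try:
        finish_handshake(data, timeout)
        if not data.session_reused:     # SSL_session_reused() == 0
            raise ssl.SSLError("server did a full handshake; session not resumed")
    except BaseException:
        data.close()
        raise
    return data
```
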
