Changelog Development Documentation Download libcurl Mailing Lists News
cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: SSL Session ID Caching

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 5 Sep 2001 14:53:16 +0200 (MET DST)

On Wed, 5 Sep 2001, Paul Harrington wrote:

> First thanks for implementing the SSL session caching. The changes
> file says that "you must reuse the same handle for the caching to take
> affect".

Yes. I was prepared that this might not cover all aspects of what people
would want...

> How does this work using the command line tool? The reason I
> require this is because the server I connect to returns dynamic content
> then forcibly closes the connection so I don't get the option to reuse
> it.

All URLs specified on the same command line will use the same "handle" and
thus the SSL Session ID Caching should take place and work. A session ID is
used in the SSL handshake, so using the cache is only in effect when a
previous SSL connection to the same site was disconnected. Thus, as long as
connections are persistant and re-used, there will be no re-using of session
IDs.

> Would it be possible to take a SSL ID as a command line switch - and also
> make the SSL ID available using -w?

It *might* be possible. It all depends on what kind of interfaces OpenSSL
offers to fiddle with these things. I haven't yet discovered any such ones. A
session for OpenSSL is a struct that I just can't print out. Or more
accurately, I can print it, but I can get it back again in any sensible way
AFAIK. If there's an OpenSSL hacker reading this with other info, please
prove me wrong!

If I were you, I would seriously consider using the perl/python/tcl/whatever
libcurl interface instead, as that would give you a much simpler (at least
quicker) way to get to the cached Session ID heaven.

> I guess its also time to chuck away my own cookie_jar subroutine ;-)

I hope so. It all of course comes down to what kind of functionality you're
after, and what we'll agree on that (lib)curl should offer... Currently (in
the 7.9 pre-releases and the CVS development sources), the -c option simply
dumps all internally known cookies to a specified file.

BTW, while I'm writing, the 7.9 pre-release 3 was uploaded earlier today.
Newer and better. -R and libtool 1.4.1 are noteworthy news in there. 

-- 
    Daniel Stenberg -- curl groks URLs -- http://curl.haxx.se/
Received on 2001-09-05