curl-users
Re: Question regarding using the ssl sessionid usage
Date: Wed, 1 Apr 2009 13:04:28 -0500
2009/4/1 Niranjan Ramakrishnan willowbreaker_at_hotmail.com
>
> REQUEST
>
> /usr/local/bin/curl --verbose -k --url https://www.google.com - In the
> ClientHello , I see sessionid length as 0 - As expected.
>
> The ServerHello sends a sessionid
>
> I resend the request
>
> /usr/local/bin/curl --verbose -k --url https://www.google.com - In the
> ClientHello , I see sessionid length as 0 - I would expect it to reuse the
> sessionid that was sent previously.
>
> Please let me know if I am doing something wrong.
>
SSL sessions are not saved across separate invocations of the curl command
line. This is fairly standard practice. The SSL sessions are part of the
Open SSL library whose cache only exists for as long as the process lives.
If you want SSL sessions to be reused, then you should look into making each
request come from the same process. This can be done by using libcurl.
There are many language bindings for libcurl including Perl, my personal
favorite. You would simply write a script that makes each HTTP request in
sequence. You will find that the SSL session is reused on the subsequent
requests. There are simple examples to be found of how to make an HTTP
request using the Perl language bindings.
There is one question that comes to mind. Why do you care? The overhead in
creating a brand new curl command line process is probably as long or longer
than creating the SSL session, at least from the client side. It does add
some overhead to the server, but again, are you sure there is a problem with
this? Are you planning on a high rate of transactions? Or maybe the server
caches the user identity based upon the SSL session, rare, but not unheard
of.
Ray
-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-04-01