curl-users
RE: Question regarding using the ssl sessionid usage
Date: Fri, 3 Apr 2009 11:53:24 -0700
Thanks Ray. Why I care is for functionality purposes. I need to establish that the behavior of something that I am testing is similar to when a fresh session is negotiated as opposed to when a session id is reused. Based on this datapoint , I need to establish some performance numbers.
Niranjan
Date: Thu, 2 Apr 2009 23:42:15 -0500
Subject: Re: Question regarding using the ssl sessionid usage
From: pekowski_at_gmail.com
To: curl-users_at_cool.haxx.se
On Thu, Apr 2, 2009 at 3:48 PM, Niranjan Ramakrishnan <willowbreaker_at_hotmail.com> wrote:
So if I understand this right ,
1. There is no sessionid reuse when I invoke "curl -k https://URL-PATH " twice ( separate invocations ).
Correct
2. When I invoke curl -k https://URL-PATH curl -k https://URL-PATH curl -k https://URL-PATH , all three requests happen within the same TCP connection and so the question of sessionid reuse does not arise.
I don't think the above command will work, but something like this allow the SSL sessions to be reused:
curl https://URL-PATH https://URL-PATH
I say might because I really don't know for sure. It might depend upon whether curl processes the requests simultaneously or synchronously. I believe there are some implementation anomalies here. Read the code if you want to know for sure.
In which case , when would I use the -no-sessionid flag ? What purpose exactly does this flag serve ?
Have you read the doc: http://curl.haxx.se/docs/manpage.html
Here is a quote:
"--no-sessionid
(SSL) Disable curl's use of SSL session-ID caching. By default all transfers are done using the cache. Note that while nothing should ever get hurt by attempting to reuse SSL session-IDs, there seem to be broken SSL implementations in the wild that may require you to disable this in order for you to succeed. (Added in 7.16.0)"
OK, I've taken the effort to answer your questions. Now answer mine. Why do you care? Why is it important to you to reuse SSL sessions? Is it a performance reason or a functional one (e.g. it's broke)? If it is performance, what is your estimate of the additional cost for not reusing SSL sessions?
Ray
_________________________________________________________________
Rediscover HotmailŪ: Get e-mail storage that grows with you.
http://windowslive.com/RediscoverHotmail?ocid=TXT_TAGLM_WL_HM_Rediscover_Storage1_042009
-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-04-03