cURL / Mailing Lists / curl-library / Single Mail


Re: Reuse ssl session accross curl handles

From: Ray Satiro via curl-library <>
Date: Sat, 30 Apr 2016 01:40:02 -0400

On 4/29/2016 3:56 AM, Thomas Glanzmann wrote:
> Hello,
> * Thomas Glanzmann <> [2016-04-29 09:45]:
>> now that Ray has fixed session reuse, I wonder if it is possible to
>> reuse SSL session across curl handles? If I use the same curl handle it
>> works, but if I try to use curl_easy_duphandle[1] it does _not_ work.
>> Any tricks to reuse session with multiple curl handles? If it is not
>> possible, can I use the same curl handle using curl easy for multiple
>> connections in a multi threaded procss?
> to answer my own question:
> CURLSH *share = curl_share_init();
> curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_SSL_SESSION);
> But when I add the above to my code the sessions are _not_ shared. I can
> tell that from looking at the wireshark output as well as on the
> debugging output of mbedtls.
> Can someone confirm or am I doing something wrong?
> I do the following:
> curl_easy_init()
> curl_easy_duphandle()
> curl_easy_perform()

Works here with mbedTLS. Maybe you forgot CURLOPT_SHARE? In
curl_easy_duphandle it is documented that "the new handle will not
inherit any state information, no connections, no SSL sessions and no
cookies." [1]

Another thing could be the host you're connecting to is spotty on
session resume, like if there's a farm and they don't share resume info.
In that case check the ClientHello to see whether it contains session id
and ticket.

Try this simple example, it should resume:

#include <curl/curl.h>

CURLSH *share;

void gethaxx(void)
   CURL *curl = curl_easy_init();
   curl_easy_setopt(curl, CURLOPT_CAINFO, "curl-ca-bundle.crt");
   curl_easy_setopt(curl, CURLOPT_SHARE, share);
   curl_easy_setopt(curl, CURLOPT_URL, "");
   curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);

int main(int argc, char *argv[])
   share = curl_share_init();
   curl_share_setopt(share, CURLSHOPT_SHARE, CURL_LOCK_DATA_SSL_SESSION);
   return 0;

And to answer your question from the first e-mail: yes you can reuse
easy handles, see curl_easy_reset [2] which should be helpful.


List admin:
Received on 2016-04-30