On Thu, Aug 01, 2002 at 10:25:02AM -0700, Priya Tamhankar wrote:
> Hi,
> I'm trying to get session resumption to work (from the client-side).
> But, somehow, a new session-id is being negotiated every time, instead of a
> reuse.
One could use protocol analyser to see whether client offer session-id
to resume.
ssldump from rtfm.com could do just that
> This is the sequence of my calls:
> SSL_CTX_set_session_cache_mode(app_ctx, SSL_SESS_CACHE_CLIENT);
> SSL_CTX_set_timeout(app_ctx, 3600);
> <other initializations>
>
> SSL_new( )
> SSL_connect_setup( )
> SSL_set_fd( )
> if (saved_session matches current host and cipher) {
> SSL_set_session(sved_session)
> }
>
> SSL_write( ) -> automatically calls SSL_connect..does handshake.
> <application logic>
>
> saved_session = SSL_get1_session( )
> SSL_free( )
>
> -----------------------
> On adding some debug print statements, I found that -
> when the session is being saved, session->references = 3,
> session->not_resumable = 0.
> But, after SSL_free( ) is called, session->references = 1 (which I think is
> good), but session->not_resumable = 1. Because not_resumable is 1, at
> ssl3_client_hello( ), a new session is generated, and the old one not reused.
>
> The server side configuration seems ok, since if I set not_resumable to 1
> from the application just before client-hello, the session does get reused.
>
> Any ideas on what I could be doing wrong ?
>
> Thanks,
> Priya.
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
