cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Question regarding using the ssl sessionid usage

From: Ray Pekowski <pekowski_at_gmail.com>
Date: Thu, 2 Apr 2009 23:42:15 -0500

On Thu, Apr 2, 2009 at 3:48 PM, Niranjan Ramakrishnan <
willowbreaker_at_hotmail.com> wrote:

> So if I understand this right ,
> 1. There is no sessionid reuse when I invoke "curl -k https://URL-PATH<https://url-path/>" twice ( separate invocations ).
>

Correct

>
> 2. When I invoke curl -k https://URL-PATH <https://url-path/> curl -k
> https://URL-PATH <https://url-path/> curl -k https://URL-PATH<https://url-path/>, all three requests happen within the same TCP connection and so the
> question of sessionid reuse does not arise.
>

I don't think the above command will work, but something like this allow the
SSL sessions to be reused:

curl https://URL-PATH <https://url-path/> https://URL-PATH<https://url-path/>

I say might because I really don't know for sure. It might depend upon
whether curl processes the requests simultaneously or synchronously. I
believe there are some implementation anomalies here. Read the code if you
want to know for sure.

>
> In which case , when would I use the -no-sessionid flag ? What purpose
> exactly does this flag serve ?
>
Have you read the doc: http://curl.haxx.se/docs/manpage.html

Here is a quote:

"--no-sessionid

(SSL) Disable curl's use of SSL session-ID caching. By default all transfers
are done using the cache. Note that while nothing should ever get hurt by
attempting to reuse SSL session-IDs, there seem to be broken SSL
implementations in the wild that may require you to disable this in order
for you to succeed. (Added in 7.16.0)"

OK, I've taken the effort to answer your questions. Now answer mine. Why
do you care? Why is it important to you to reuse SSL sessions? Is it a
performance reason or a functional one (e.g. it's broke)? If it is
performance, what is your estimate of the additional cost for not reusing
SSL sessions?

Ray

-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-04-03

This message: [ Message body ]
Next message: Daniel Stenberg: "RE: Question regarding using the ssl sessionid usage"
Previous message: Dan Fandrich: "Re: curl and Javascript based submit form"
In reply to: Niranjan Ramakrishnan: "RE: Question regarding using the ssl sessionid usage"
Next in thread: Niranjan Ramakrishnan: "RE: Question regarding using the ssl sessionid usage"
Reply: Niranjan Ramakrishnan: "RE: Question regarding using the ssl sessionid usage"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]