curl-library

RE: How do I enforce a new SSL Session ID at each

From: Shmulik Regev <shmulbox_at_gmail.com>
Date: Fri, 7 Jul 2006 15:36:04 +0300

See my somewhat related post about forcing the use of an existing session ID:
http://curl.haxx.se/mail/lib-2005-07/0135.html. You should also look into
OpenSSL's mechanism of handling sessions -
http://www.openssl.org/docs/ssl/SSL_CTX_sess_set_get_cb.html. Note that the
trick I did was to change the OpenSSL "virtual table" and replace the
functions it contains with my own. This forced me to look into the OpenSSL
implementation of session handling, but it proved easy enough to understand
and change through this form of primitive "inheritance". Don't forget that
you need to set Curl's CURLOPT_SSL_CTX_FUNCTION to get hold of OpenSSL's
context.

One last note - if you do override OpenSSL's functions, don't forget to use
the application-specific data facility:
http://www.openssl.org/docs/ssl/SSL_CTX_get_ex_new_index.html

Hope this helps.

Cheers,
Shmul
Received on 2006-07-07