Hi all, I am using a CURLSH object alongside with a multi to share TLS session cache among all easy handles added to the multi.

I have a requirement to flush the session cache on certain events such that the next easy transfer will perform a full handshake with the server. After that session id caching should resume (i.e. session resumption should succeed for the next easy transfer).

For simplicity, let’s assume easy transfers are performed serially, let’s also assume the protocol is HTTPS only.

What would be the correct way to achieve this?


  1. Retrieve SSL_CTX from each easy handle and call SSL_CTX_flush_sessions?
     * Would it remove the cache entries stored in CURLSH?
  2. Call curl_share_setopt(CURLSHOPT_UNSHARE, CURL_LOCK_DATA_SSL_SESSION), perform easy transfer, and call CURLSHOPT_SHARE again?
     * Would the session state of the full handshake be cached?
  3. Remove the easy handle from the share object, perform easy transfer, and re- add the handle back after the transfer?
     * Same question as 2.a
  4. Remove all easy handles from the share object, cleanup the shared object, add all handles back to the shared object, and then re- start transfers?
     * This should work, right?

Any other methods?

Thanks in advance,
Biao Wang

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2018-11-14