I am attempting to use the cyassl backend on the latest libcurl with an application that uses easy handles. This starts fine, but I've been running into a problem the moment cyassl times out the session. For anyone who doesn't know, cyassl has been renamed to wolfSSL, but the includes are still installed for cyassl.
(from cyassl_connect_step1(), in lib/vtls/cyassl.c, line 305)
/* Check if there's a cached ID we can/should use here! */ if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL)) { /* we got a session id, use it! */ if(!SSL_set_session(conssl->handle, ssl_sessionid)) { failf(data, "SSL: SSL_set_session failed: %s",ERR_error_string(SSL_get_error(conssl->handle, 0), error_buffer));return CURLE_SSL_CONNECT_ERROR; } /* Informational message */ infof (data, "SSL re-using session ID\n"); }
If SSL_set_session returns 0, libcurl never reestablishes a session. I think nothing is removing the session ID from the cache, so it keeps trying the old connection.
The ugly hack that seems to work for now is to simply ignore the result of SSL_set_session. conn->connection_id gets incremented, the connection gets reinitialized, and we continue running.
On the wolfSSL side, it appears that the session is timing out, so SetSession fails, returning 0. Is there a more elegant way to handle this?
Chris Ghormley / Set-Point Control ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
