On Tue, 4 Jun 2013, Janusz Harkot wrote:

What makes you suggest that's what's happening? Sure, if it would've sent no
or the wrong host name it would probably have that effect.


[36] * Re-using existing connection! (#0) with host (nil)

Ah that. Yes, that's a stupid line to show (that bug has been fixed since). But if you look further down your log you see that the connection which is re-used according to that log line gets closed anyway.

it looks like it is working


So, the question is still why it is not working with openssl 0.9.8r - this version supports SNI by default. This looks like an error in openssl (maybe: Only allow one SGC handshake restart for SSL/TLS.)

Right. As you can see in the libcurl code it activates SNI for OpenSSL the exact same way independently of what version that's used.

Now is the question, shall this be handled by curl or left alone? (handling older version of openssl, and force new ssl session?)

I'm not even completely convinced this is "just" an old-OpenSSL-problem. If that version you're using is the one Apple has provided, there's the risk that the problem is rather caused by their changes!

I'm reluctant to globally switch off session-id caching for OpenSSL 0.9.8 users since that feature has been used for over 8 years in the code and you're the first to have a problem with it! =-/


 / daniel.haxx.se
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to