Benjamin,
In order to enable SSL session reuse, please use the call SSL_SetURL on your client SSL socket . NSS will then reuse the session if possible, based on the hostname of the server you are connecting to, as well as its IP address and port .
Benjamin Zhang wrote:
In my application, using NSS to build a SSL client, every inner webpage link will redo a full handshake, session is not usable, what's the problem?
prob.1 Despite how option set, V2 hello always be sent, no sessionid is attached. [Wed Dec 01 14:29:56 2004] [ssl2] ClientHelloV2 { version = {0x03, 0x01} cipher-specs-length = 27 (0x1b) sid-length = 0 (0x00) challenge-length = 16 (0x10) cipher-suites = { (0x000004) SSL3/RSA/RC4-128/MD5......... } session-id = { } challenge = { 0x128c 0x645f 0x1be0 0x2696 0x19fe 0xea28 0x68c8 0x4
prob.2 Every link redo a full handshake(a new socket).
I found Mozilla Exploer have not this problem. It seemed there are no NSS function to deal with client ssl session. It is noting to do with the SSL server.
I call sequence of NSS is: sslSocket = SSL_ImportFD(NULL, tcpSocket); secStatus=SSL_OptionSet(sslSocket,....... secStatus = SSL_OptionSet(sslSocket, SSL_ENABLE_SSL2 , PR_FALSE); secStatus = SSL_GetClientAuthDataHook(..... secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_FALSE); secStatus=SSL_ForceHandshake(sslSocket);
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
