Author christian.heimes
Recipients Alex Warhawk, Mark.Ribau, Ye.Wang, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou
Date 2015-10-08.10:35:04
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1444300505.19.0.976099020136.issue19500@psf.upfronthosting.co.za>
In-reply-to
Content
Thanks for your patch. There might be a simpler way. By default a SSLContext only caches server sessions. You can enable client session caching with:

  SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT)

This may be sufficient for FTP over TLS since both sockets are created from the same context.

 
The new patch has a flaw. With the new SSLSession object a user could attempt to reuse a SSLSession with a different SSLContext. That's going to break OpenSSL.

From SSL_set_session(3)

NOTES
       SSL_SESSION objects keep internal link information about the session cache list, when being inserted into one SSL_CTX object's session cache.  One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object).
History
Date User Action Args
2015-10-08 10:35:05christian.heimessetrecipients: + christian.heimes, janssen, pitrou, giampaolo.rodola, dstufft, Ye.Wang, Mark.Ribau, Alex Warhawk
2015-10-08 10:35:05christian.heimessetmessageid: <1444300505.19.0.976099020136.issue19500@psf.upfronthosting.co.za>
2015-10-08 10:35:05christian.heimeslinkissue19500 messages
2015-10-08 10:35:04christian.heimescreate