PerlMonks  

Net::SSLeay and SESSION-ID

Contributed by cpc on Jun 24, 2003 at 00:29 UTC


Description:

Hi, I am looking for a way to get and set SSL session-ID on an SSL client.
It is relatively easy to do in C, but I didn't find a way to do that with Net::SSLeay.

Basically, I want to make a loop in the following program:

    use Socket;
    use Net::SSLeay qw(die_now die_if_ssl_error copy_session_id);

    Net::SSLeay::load_error_strings();
    Net::SSLeay::SSLeay_add_ssl_algorithms();
    Net::SSLeay::randomize();

    my $msg = "GET / HTTP/1.0";
    my $dest_ip = gethostbyname("cisco.com");
    my $dest_serv_params = sockaddr_in( 443, $dest_ip );

    # Plain TCP connection to the server
    socket( S, &AF_INET, &SOCK_STREAM, 0 ) or die "socket: $!";
    connect( S, $dest_serv_params ) or die "connect: $!";

    # SSL context and a single SSL object bound to the socket
    my $ctx = Net::SSLeay::CTX_new() or die_now("Failed to create SSL_CTX $! ");
    Net::SSLeay::CTX_set_options( $ctx,&Net::SSLeay::OP_NO_SSLv2 )
        and die_if_ssl_error("ssl ctx set options");
    my $ssl = Net::SSLeay::new($ctx) or die_now("Failed to create SSL $!");
    Net::SSLeay::set_fd( $ssl, fileno(S) );
    my $res = Net::SSLeay::connect($ssl) and die_if_ssl_error("ssl connect");

    # Send the request and print the first chunk of the reply
    $res = Net::SSLeay::write( $ssl, $msg . "\n\n" );
    die_if_ssl_error("ssl write");
    my $got = Net::SSLeay::read($ssl);
    die_if_ssl_error("ssl read");
    print $got;

    Net::SSLeay::free($ssl);
    Net::SSLeay::CTX_free($ctx);
    close S;

Answer: Net::SSLeay and SESSION-ID
contributed by cpc

I found the way. You have to use the Net::SSLeay::get_session and Net::SSLeay::set_session functions, as well as keeping the old session object ($ssl1).

    #!/usr/bin/perl -w
    use Socket;
    use strict;
    use Net::SSLeay qw(die_now die_if_ssl_error copy_session_id);

    Net::SSLeay::load_error_strings();
    Net::SSLeay::SSLeay_add_ssl_algorithms();
    Net::SSLeay::randomize();

    my ($res,$got);
    my $msg = "GET / HTTP/1.0";
    my $dest_ip = gethostbyname("cisco.com");
    my $dest_serv_params = sockaddr_in( 443, $dest_ip );

    # First connection: full handshake
    socket( S, &AF_INET, &SOCK_STREAM, 0 ) or die "socket: $!";
    connect( S, $dest_serv_params ) or die "connect: $!";
    my $ctx = Net::SSLeay::CTX_new() or die_now("Cannot create SSL_CTX $!");
    Net::SSLeay::CTX_set_options( $ctx,&Net::SSLeay::OP_NO_SSLv2 )
        and die_if_ssl_error("ssl ctx set options");
    my $ssl1 = Net::SSLeay::new($ctx) or die_now("Cannot create SSL #1 $!");
    Net::SSLeay::set_fd( $ssl1, fileno(S) );
    $res = Net::SSLeay::connect($ssl1) and die_if_ssl_error("ssl connect");
    $res = Net::SSLeay::write( $ssl1, $msg . "\n\n" );
    die_if_ssl_error("ssl write");
    $got = Net::SSLeay::read($ssl1);
    die_if_ssl_error("ssl read");
    print $got;
    close S;

    # Second connection: new socket, new SSL object from the same $ctx,
    # offering the session taken from $ssl1 (which is still alive here)
    socket( S, &AF_INET, &SOCK_STREAM, 0 ) or die "socket: $!";
    connect( S, $dest_serv_params ) or die "connect: $!";
    my $ssl2 = Net::SSLeay::new($ctx) or die_now("Cannot create SSL #2 $!");
    Net::SSLeay::set_session($ssl2,Net::SSLeay::get_session($ssl1));
    Net::SSLeay::set_fd( $ssl2, fileno(S) );
    $res = Net::SSLeay::connect($ssl2) and die_if_ssl_error("ssl connect");
    $res = Net::SSLeay::write( $ssl2, $msg . "\n\n" );
    die_if_ssl_error("ssl write");
    $got = Net::SSLeay::read($ssl2);
    die_if_ssl_error("ssl read");
    print $got;

    Net::SSLeay::free($ssl1);
    Net::SSLeay::free($ssl2);
    Net::SSLeay::CTX_free($ctx);
    close S;

Answer: Net::SSLeay and SESSION-ID
contributed by Anonymous Monk

There is no need to retain $ssl1. The only requirement is that both $ssl objects come from the same $ctx.

Answer: Net::SSLeay and SESSION-ID
contributed by Anonymous Monk

Actually, you need to call get1_session rather than get_session so that the reference count of the session object is not decreased and it is not freed from memory. get1_session is absent from SSLeay.xs; however, you can add it using the get_session prototype. See "Network Security with OpenSSL", page 152.

Answer: Net::SSLeay and SESSION-ID
contributed by Anonymous Monk

No, I am wrong; you need to keep $ssl1.
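
The session-ownership question the answers above go back and forth on, as an added example (not code from this thread or from the Net::SSLeay project): taking the session with get1_session gives the caller its own reference, so each SSL object can be freed as soon as its connection is done, and session_reused shows whether the server really resumed. The host example.com, the command-line arguments and the fetch_once helper are assumptions for illustration; get1_session, session_reused and SESSION_free are part of current Net::SSLeay releases.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use IO::Socket::INET;
use Net::SSLeay;

# Assumed inputs: host and port from the command line; example.com is a placeholder.
my $host = $ARGV[0] // 'example.com';
my $port = $ARGV[1] // 443;

Net::SSLeay::initialize();
my $ctx = Net::SSLeay::CTX_new() or die "CTX_new failed";
# A resumed handshake skips the certificate exchange, so the peer is only
# authenticated during the first, full handshake: verify it there.
Net::SSLeay::CTX_set_default_verify_paths($ctx);
Net::SSLeay::CTX_set_verify($ctx, Net::SSLeay::VERIFY_PEER(), undef);

# Hypothetical helper: one TCP connection, one handshake, one request.
# Returns (resumed flag, session pointer owned by the caller).
sub fetch_once {
    my ($old_session) = @_;
    my $sock = IO::Socket::INET->new(PeerAddr => $host, PeerPort => $port)
        or die "connect: $!";
    my $ssl = Net::SSLeay::new($ctx) or die "SSL_new failed";
    Net::SSLeay::set_tlsext_host_name($ssl, $host);
    # Hostname matching; needs Net::SSLeay built against OpenSSL 1.0.2 or later.
    Net::SSLeay::X509_VERIFY_PARAM_set1_host(Net::SSLeay::get0_param($ssl), $host);
    Net::SSLeay::set_session($ssl, $old_session) if $old_session;
    Net::SSLeay::set_fd($ssl, fileno($sock));
    Net::SSLeay::connect($ssl) == 1
        or die "handshake failed: " . Net::SSLeay::print_errs("connect");
    Net::SSLeay::write($ssl, "HEAD / HTTP/1.0\r\nHost: $host\r\n\r\n");
    # Read before taking the session: TLS 1.3 sends tickets after the handshake.
    defined(Net::SSLeay::read($ssl)) or die "read failed";
    my $reused = Net::SSLeay::session_reused($ssl);
    # get1_session adds a reference, so the session outlives free($ssl).
    my $session = Net::SSLeay::get1_session($ssl);
    Net::SSLeay::free($ssl);
    close $sock;
    return ($reused, $session);
}

my ($reused1, $s1) = fetch_once(undef);
my ($reused2, $s2) = fetch_once($s1);
print "first handshake resumed:  $reused1\n";
print "second handshake resumed: $reused2\n";
Net::SSLeay::SESSION_free($_) for grep { $_ } $s1, $s2;
Net::SSLeay::CTX_free($ctx);
```

A second line reading 0 means the server declined the offered session and ran a full handshake instead, which is a server-side policy decision rather than a client error.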
