Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SSL session reuse does not work with TLS1.2 with OpenSSL since 7.77.0 #7222

Closed
ngg opened this issue Jun 9, 2021 · 0 comments
Closed

SSL session reuse does not work with TLS1.2 with OpenSSL since 7.77.0 #7222

ngg opened this issue Jun 9, 2021 · 0 comments
Labels

Comments

@ngg
Copy link
Contributor

@ngg ngg commented Jun 9, 2021

I did this

I'm looking at the Client Hello messages in Wireshark when running the following command:

curl -v -I --tls-max 1.2 --http1.1 "https://example.com/[1-3]" -H "Connection:close"

I expected the following

I've expected to see reused Session IDs, but they are not.

curl/libcurl version

I've bisected the failure to the 7f4a9a9 commit, here is the output of curl -v when I compiled that commit:

curl 7.77.0-DEV (x86_64-pc-linux-gnu) libcurl/7.77.0-DEV OpenSSL/1.1.1k zlib/1.2.11 brotli/1.0.9 zstd/1.4.9 libidn2/2.3.0 libpsl/0.21.0 (+libidn2/2.3.0) nghttp2/1.41.0 OpenLDAP/2.4.57
Release-Date: [unreleased]
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp 
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IDN IPv6 Largefile libz NTLM NTLM_WB PSL SSL TLS-SRP UnixSockets zstd

operating system

I've checked on Linux x64, but there is a bug report in the curl-library mailing list with topic TLS session ID re-use broken in 7.77.0 that uses the https://curl.se/windows/dl-7.77.0_2/curl-7.77.0_2-win64-mingw.zip version on Windows.

@bagder bagder added the SSL/TLS label Jun 9, 2021
bagder added a commit that referenced this issue Jun 10, 2021
When a connection is disassociated from a transfer, the Session ID entry
should remain.

Regression since 7f4a9a9 (shipped in libcurl 7.77.0)
Reported-by: Gergely Nagy
Reported-by: Paul Groke

Fixes #7222
@bagder bagder closed this in a5adf8c Jun 11, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

2 participants