[openssl-users] PEM_read and write SSL_SESSION

Shubham Chauhan shubham13099 at iiitd.ac.in
Sun Feb 28 13:02:47 UTC 2016


Okay so I have been trying to store session details in a file, haven't used
BIO for now, but I guess my present method should work fine.
This is on the server side -


        FILE * filePtr;
        char fileString[128];
        sprintf(fileString, "/home/session_id");

        if ((filePtr = fopen(fileString,  "r")) != NULL)
        {
            session = PEM_read_SSL_SESSION(filePtr, NULL, NULL, NULL);
            int added =0;
            added = SSL_CTX_add_session(ctx, session);
            printf("\n::: %d :::\n", added);  /* it is returning 1 always
which means that it succeeds */

            fclose(filePtr);
        }

        ssl = SSL_new(ctx);
        SSL_set_fd(ssl, clntfd);
        SSL_accept(ssl);


        session = SSL_get1_session(ssl);
        FILE* filePtr2;

        char fileString2[128];
        sprintf(fileString2, "/home/session_id");

        if ((filePtr2 = fopen(fileString2,  "r+")) != NULL)
        {
                // write the data to the file
                PEM_write_SSL_SESSION(filePtr2, session);
                // close the file
                fclose(filePtr2);
        }


Everytime a new session is negotiated, the session_id file gets updated
with the new session details. I am able to write and read from a file.
This means that the session should always be re-used, even if the session
gets timed-out from the internal cache, it will get loaded from the
external file, and the session must always be reused. BUT THIS IS NOT
HAPPENING FOR NOW.
Any problem in the code!? Please let me know


On Sat, Feb 27, 2016 at 8:32 PM, Shubham Chauhan <shubham13099 at iiitd.ac.in>
wrote:

> great!
> Thanks, I'll give it a try, this looks promising enough :)
>
> On Sat, Feb 27, 2016 at 7:42 PM, Michel <michel.sales at free.fr> wrote:
>
>> Hi,
>>
>>
>>
>> Quoting Andy  about applink : "New code should rather abstain from using
>> above mentioned subset of OpenSSL API (whatever using FILE*)".
>>
>>
>>
>> So using the bio* version instead,
>>
>> PEM_write_bio_SSL_SESSION( bio_st*, ssl_session_st*)
>>
>> PEM_read_bio_SSL_SESSION( bio_st*, ssl_session_st**, int (char*, int,
>> int, void*) *, void* )
>>
>> are declared and implemented using macros as you can see in include\openssl\pem.h,
>> starting line 156
>>
>> (or search for "PEM_read/PEM_write functions")
>>
>>
>>
>> You can use them as simply as (s_server.c, s_client.c ) :
>>
>> SSL_SESSION *sess = PEM_read_bio_SSL_SESSION( pBIO, NULL, 0, NULL );
>>
>> PEM_write_bio_SSL_SESSION( pBIO, SSL_get_session( pSSL ) );
>>
>>
>>
>> They finally call :
>>
>> PEM_ASN1_write_bio()
>>
>> PEM_ASN1_read_bio()
>>
>> about which more info can be found on
>> http://www.umich.edu/~x509/ssleay/pem_io.html
>>
>>
>>
>> Hope this helps,
>>
>>
>>
>> Michel
>>
>>
>>
>>
>>
>> *De :* openssl-users [mailto:openssl-users-bounces at openssl.org] *De la
>> part de* Shubham Chauhan
>> *Envoyé :* vendredi 26 février 2016 12:51
>> *À :* openssl-users at openssl.org
>> *Objet :* [openssl-users] PEM_read and write SSL_SESSION
>>
>>
>>
>> If anyone is familiar with the PEM_read_SSL_SESSION and
>> PEM_write_SSL_SESSION functions, please let me know about the arguments and
>> the usage of these functions, in a bit detailed fashion.
>>
>> It'll be really helpful.
>>
>> Thanks
>>
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>
>>
>
>
> --
> Regards
> Shubham Chauhan
> 2013099
> B.Tech CSE
>



-- 
Regards
Shubham Chauhan
2013099
B.Tech CSE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160228/4ae398dd/attachment.html>


More information about the openssl-users mailing list