[issue19500] Error when connecting to FTPS servers not supporting SSL session resuming
Christian Heimes
report at bugs.python.org
Thu Oct 8 06:35:05 EDT 2015
Christian Heimes added the comment:
Thanks for your patch. There might be a simpler way. By default a SSLContext only caches server sessions. You can enable client session caching with:
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT)
This may be sufficient for FTP over TLS since both sockets are created from the same context.
The new patch has a flaw. With the new SSLSession object a user could attempt to reuse a SSLSession with a different SSLContext. That's going to break OpenSSL.
>From SSL_set_session(3)
NOTES
SSL_SESSION objects keep internal link information about the session cache list, when being inserted into one SSL_CTX object's session cache. One SSL_SESSION object, regardless of its reference count, must therefore only be used with one SSL_CTX object (and the SSL objects created from this SSL_CTX object).
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue19500>
_______________________________________
More information about the Python-bugs-list
mailing list