mirror of
https://github.com/curl/curl.git
synced 2026-07-10 05:37:15 +03:00
FTP servers using SSL can be configured to check TLS session reuse on the DATA connection. They hand out a new session on every CONTROL connect and require to see the client using exactly that one when up-/downloading on DATA. This means: 1. We have to configure the SSL filter on the DATA connection with exactly the same peers. 2. We have to remember the SSL session on the CONTROL connection - separately from the session cache. The SSL filter on the DATA connection then looks for a session at the CONTROL filter and, if present, uses that. Tests: Enable `require_ssl_reuse` in our pytest setup for vsftpd. This reproduces the problem reported in #22225 and verifies the fix. Skip ftp+SSL pytests for rustls, as we have no possibility to reuse sessions in that backend. Schannel: we do not run these tests with the backend. I expect it has similar problems but am not able to verify. Reported-by: Laurent Sabourin Fixes #22225 Closes #22246 |
||
|---|---|---|
| .. | ||
| apple.c | ||
| apple.h | ||
| cipher_suite.c | ||
| cipher_suite.h | ||
| gtls.c | ||
| gtls.h | ||
| hostcheck.c | ||
| hostcheck.h | ||
| keylog.c | ||
| keylog.h | ||
| mbedtls.c | ||
| mbedtls.h | ||
| openssl.c | ||
| openssl.h | ||
| rustls.c | ||
| rustls.h | ||
| schannel.c | ||
| schannel.h | ||
| schannel_int.h | ||
| schannel_verify.c | ||
| vtls.c | ||
| vtls.h | ||
| vtls_config.c | ||
| vtls_config.h | ||
| vtls_int.h | ||
| vtls_scache.c | ||
| vtls_scache.h | ||
| vtls_spack.c | ||
| vtls_spack.h | ||
| wolfssl.c | ||
| wolfssl.h | ||
| x509asn1.c | ||
| x509asn1.h | ||