[openssl-users] Possible to control session reuse from the client?
Daniel Janzon
janzon at gmail.com
Sat Oct 1 16:05:32 UTC 2016
Hm... Thanks, but I think I miss some piece of the puzzle. How does client
and server side session differ and how do they interact? I thought the TLS
session was always cached on the server side and all the client would have
to do was to send its session ID.
On Fri, Sep 30, 2016 at 12:00 AM Viktor Dukhovni <openssl-users at dukhovni.org>
wrote:
>
> > On Sep 29, 2016, at 11:55 AM, Daniel Janzon <janzon at gmail.com> wrote:
> >
> > For performance testing purposes, I would like to turn off session reuse
> in the (homegrown) client I use for testing. Is there a function in the
> openssl library to do it?
> >
> > I tried googling for "openssl client don't send session id" but I didn't
> find anything useful.
>
> Just do nothing. Client sessions are not reused unless you explicitly
> arrange for reuse of a session by calling SSL_set_session() before
> SSL_connect(). If you're trying to avoid wasting memory on storing
> client-side sessions that you'll never reuse then this may help:
>
> SSL_CTX_set_session_cache_mode(client_ctx, SSL_SESS_CACHE_OFF);
>
> but note this is also the default state, so is also not needed unless
> some other code has explicitly enabled client-side caching of sessions.
>
> Only the server-side cache is enabled by default.
>
> --
> --
> Viktor.
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161001/42161562/attachment.html>
More information about the openssl-users
mailing list