[openssl-users] how is it possible to confirm that a TLS ticket was used?
Sam Roberts
vieuxtech at gmail.com
Tue Feb 5 15:41:05 UTC 2019
On Mon, Feb 4, 2019 at 9:46 PM Viktor Dukhovni
<openssl-users at dukhovni.org> wrote:
> On Mon, Feb 04, 2019 at 03:54:48PM -0800, Sam Roberts wrote:
> However, because in TLS 1.3, session
> tickets are sent *after* the completion of the handshake, it is
> possible that the session handle you're saving is the one that does
> not yet have any associated tickets, because they've not yet been
> received.
I'm saving the session that is passed to the callback in
SSL_CTX_sess_set_new_cb() as described in
https://wiki.openssl.org/index.php/TLS1.3#Sessions.
> posttls-finger: smtp.dukhovni.org[100.2.39.101]:25: Reusing old session
What API are you using to confirm that the ticket was used to resume
the session? SSL_session_reused?
Thanks,
Sam
More information about the openssl-users
mailing list