Contract of d2i_SSL_SESSION ?
Matt Caswell
matt at openssl.org
Thu Dec 16 12:01:48 UTC 2021
On 16/12/2021 11:57, Jesper Pedersen wrote:
> Hi Matt,
>
> On 12/16/21 06:48, Matt Caswell wrote:
>> On 16/12/2021 11:42, Jesper Pedersen wrote:
>>> So, a resume on the client side linking up against the existing
>>> server side.
>>
>> What you are describing is not a resumption. A TLS resumption has a
>> specific meaning. It involves both a client and a server creating a
>> new connection based on an abbreviated handshake using parameters from
>> a previous handshake.
>>
>
> So, having the i2d_SSL_SESSION of a previous client being used by a new
> client through SSL_set_session against the same server side connection
> isn't being considered a resume ?
No. The SSL_SESSION object only encapsulates the state required for a
resumption handshake. It does *not* encapsulate the state required for a
currently active connection. There is much more state required than that
and it is held in the SSL object.
Matt
More information about the openssl-users
mailing list