OpenSSL session reuse does not work with TLS_client_method()
Matt Caswell
matt at openssl.org
Wed Sep 15 15:19:03 UTC 2021
Was the original connection that you obtained the session from cleanly
closed down? From the man pages:
"A session will be automatically removed from the session cache and
marked as non-resumable if the connection is not closed down cleanly,
e.g. if a fatal error occurs on the connection or SSL_shutdown(3) is
not called prior to SSL_free(3)."
https://www.openssl.org/docs/man1.1.1/man3/SSL_get_session.html
You can check whether a session is valid for resumption using
SSL_SESSION_is_resumable():
https://www.openssl.org/docs/man1.1.1/man3/SSL_SESSION_is_resumable.html
Matt
On 15/09/2021 12:56, Jaya Muthiah wrote:
> I am trying to reuse SSL_SESSION as below, it works fine when I use
> TLSv1_2_client_method() to create context. However, it does not work
> when I use TLS_client_method().
>
> if (!SSL_set_session(ssl, ssl_session)) {
>     // code never reaches here so SSL_set_session is successful
> }
>
> if (SSL_connect(ssl) != 1) {
>     return -1;
> }
>
> // always returns zero for TLS_client_method()
> int reused = SSL_session_reused(ssl);
>
> ssl_session = SSL_get1_session(ssl); // for future connections
>
> Above code works fine with TLSv1_2_client_method() and
> SSL_session_reused() returns 1, handshake time is also reduced
> considerably. However, if I use TLS_client_method(), reuse does not work
> and SSL_session_reused() returns zero.
>
> Any idea what is wrong? OpenSSL version is 1.1.1.g