[openssl-dev] TLS session ticket extension problem when using the ssl23_client_hello method
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Jul 23 14:38:10 UTC 2015
On Thu, Jul 23, 2015 at 02:21:31PM +0000, Ian McFadries (imcfadri) wrote:
> I do call SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3) so
> the client hello message starts with a TLSv1.2, and will negotiate as low
> as TLSv1.0. Under this context, the ssl23_client_hello method is being
> called
When SSL_OP_NO_SSLv2 is present, the same extensions should be
produced with TLSv1_client_method() as SSLv23_client_method().
If prior beginning the handshake you've loaded a session for re-use,
and that session has an associated session ticket, the session
ticket extension should be sent by the client.
--
Viktor.
More information about the openssl-dev
mailing list