[openssl-users] SSL_CTX_set_timeout does not work properly

Devang Kubavat devang.kubavat at in.abb.com
Wed Feb 1 11:26:30 UTC 2017


I am using Ticket based Session Resumption in my application. I need to control 'timeout of the session'. So as per the document I can set the timeout of the session using SSL_CTX_set_timeout(SSL_CTX *ctx, long t);

I used SSL_CTX_set_timeout(ctx, 500);
I am able to resume the session up to 500 seconds and after 500 seconds, the session fails to resume which is as expected.

But when I set t=0 in SSL_CTX_set_timeout(ctx,0), I am getting different behavior.
Session is resumed up to 7200 seconds. Wireshark log shows Ticket Lifetime Hint: 7200 seconds.

According to me the session should not resume. Can anyone please help me why it is behaving like this.

Best Regards,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170201/cf8e3d21/attachment.html>

More information about the openssl-users mailing list