[openssl-users] SSL_CTX_set_timeout does not work properly
devang.kubavat at in.abb.com
Wed Feb 1 11:26:30 UTC 2017
I am using Ticket based Session Resumption in my application. I need to control 'timeout of the session'. So as per the document I can set the timeout of the session using SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
I used SSL_CTX_set_timeout(ctx, 500);
I am able to resume the session up to 500 seconds and after 500 seconds, the session fails to resume which is as expected.
But when I set t=0 in SSL_CTX_set_timeout(ctx,0), I am getting different behavior.
Session is resumed up to 7200 seconds. Wireshark log shows Ticket Lifetime Hint: 7200 seconds.
According to me the session should not resume. Can anyone please help me why it is behaving like this.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users