[openssl-users] Confused about client side session caching

Angus Robertson - Magenta Systems Ltd angus at magsys.co.uk
Fri Jun 8 09:18:00 UTC 2018

> The get_session_cb is only ever called for servers. The 
> new_sesion_cb and remove_session_cb can be called for clients and
> servers.
> When you refer to the the "TLSv1.3 notes" do you mean this page?
> https://wiki.openssl.org/index.php/TLS1.3

Yes, sorry I should have said SSL_CTX_sess_set_new_cb not set_get_cb.  

> I think new_session_cb and remove_session_cb should work in 1.0.2 
> on clients.

Good, that ties in with my testing, just not with the notes where you
said it worked for clients in 1.1.0, suggesting it might have been
introduced then.  


More information about the openssl-users mailing list