[openssl-users] Confused about client side session caching

Matt Caswell matt at openssl.org
Fri Jun 8 11:23:28 UTC 2018

On 08/06/18 10:18, Angus Robertson - Magenta Systems Ltd wrote:
>> The get_session_cb is only ever called for servers. The 
>> new_sesion_cb and remove_session_cb can be called for clients and
>> servers.
>> When you refer to the the "TLSv1.3 notes" do you mean this page?
>> https://wiki.openssl.org/index.php/TLS1.3
> Yes, sorry I should have said SSL_CTX_sess_set_new_cb not set_get_cb.  
>> I think new_session_cb and remove_session_cb should work in 1.0.2 
>> on clients.
> Good, that ties in with my testing, just not with the notes where you
> said it worked for clients in 1.1.0, suggesting it might have been
> introduced then.  

Ah, no. It wasn't the intention to imply that. I amended the text on the
wiki page.


More information about the openssl-users mailing list