SSL_SESSION_set1_ticket ?
Jeremy Harris
jgh at wizmail.org
Wed Apr 10 10:21:08 UTC 2019
On 10/04/2019 11:15, Hubert Kario wrote:
> On Wednesday, 10 April 2019 12:05:21 CEST Jeremy Harris wrote:
>> On 10/04/2019 01:25, Viktor Dukhovni wrote:
>>> With TLS 1.0, 1.1 and 1.2, the (always new IIRC) session object
>>> associated with the connection object at the completion of each
>>> handshake, will contain any fresh tickets issued by the server.
>>
>> That does not match my observation.
>
> that assumes that the server sends tickets in the first place... but the point
> stands, the TLS 1.2 server cannot provide a session ticket to the client after
> the handshake finished (client received server's Finished message), same for
> even older protocols
I'm not saying the new ticket arrived after the handshake. I can
see the notification of it arriving during the handshake. Yet
the session dumped via i2d... after the handshake is bitwise identical
to that given to d2i..., SSL_set_session before the handshake.
--
Cheers,
Jeremy