[openssl-users] how is it possible to confirm that a TLS ticket was used?
Viktor Dukhovni
openssl-users at dukhovni.org
Tue Feb 5 16:33:50 UTC 2019
> On Feb 5, 2019, at 10:41 AM, Sam Roberts <vieuxtech at gmail.com> wrote:
>
>> However, because in TLS 1.3, session
>> tickets are sent *after* the completion of the handshake, it is
>> possible that the session handle you're saving is the one that does
>> not yet have any associated tickets, because they've not yet been
>> received.
>
> I'm saving the session that is passed to the callback in
> SSL_CTX_sess_set_new_cb() as described in
> https://wiki.openssl.org/index.php/TLS1.3#Sessions.
And then? How are you restoring the saved session for re-use?
>
>> posttls-finger: smtp.dukhovni.org[100.2.39.101]:25: Reusing old session
>
> What API are you using to confirm that the ticket was used to resume
> the session? SSL_session_reused?
Yes.
--
Viktor.
More information about the openssl-users
mailing list