[openssl-users] SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); has no effect with TLS 1.3
a.cudbardb at freeradius.org
Wed Jan 23 13:01:35 UTC 2019
As per the subject line:
does not seem to disable generation of stateless tickets with TLS 1.3:
is also required to prevent the tickets being generated.
There's no mention of this additional call on the SSL_CTX_set_session_cache_mode pages (but is documented elsewhere).
It really seems like SSL_SESS_CACHE_OFF should also disable TLS1.3 session tickets if the intent is for TLS 1.3 to mostly be a drop in replacement for TLS <= 1.2. A user upgrades OpenSSL library and suddenly session resumption enabled where it wasn't before... that doesn't seem right.
In our case this broke our session_resumption control toggle, where 'session_resumption = no' prevented our EAP server implementation from presenting tickets with TLS <= 1.2 but still allowed them if TLS 1.3 was negotiated.
Disabling session resumption is more important with EAP methods like EAP-TTLS and EAP-PEAP because it controls whether phase 2 runs or not - phase 2 being where the actual credential validation happens.
This was tested with current OpensSL master HEAD. Can test with the 1.1.* branch if that'd help.
More information about the openssl-users