Contract of d2i_SSL_SESSION ?

Matt Caswell matt at
Thu Dec 16 12:01:48 UTC 2021

On 16/12/2021 11:57, Jesper Pedersen wrote:
> Hi Matt,
> On 12/16/21 06:48, Matt Caswell wrote:
>> On 16/12/2021 11:42, Jesper Pedersen wrote:
>>> So, a resume on the client side linking up against the existing 
>>> server side.
>> What you are describing is not a resumption. A TLS resumption has a 
>> specific meaning. It involves both a client and a server creating a 
>> new connection based on an abbreviated handshake using parameters from 
>> a previous handshake.
> So, having the i2d_SSL_SESSION of a previous client being used by a new 
> client through SSL_set_session against the same server side connection 
> isn't being considered a resume ?

No. The SSL_SESSION object only encapsulates the state required for a 
resumption handshake. It does *not* encapsulate the state required for a 
currently active connection. There is much more state required than that 
and it is held in the SSL object.


More information about the openssl-users mailing list