And is it possible that this is different for TLS1.2 and 1.3? Using TLS1.3, SSL_session_reused() is always returning false, I'm not sure if that's because I'm doing something else wrong, and the ticket is not being accepted and a full handshake is occurring, or if the API literally only signals "session reuse" not "tls ticket" reuse. Its also not clear from the docs if this API is supposed to work for both client & server sides. With TLS1.2, I notice that the cb to SSL_CTX_sess_set_new_cb() occurs when a session is NOT reused (and I guess a new ticket is issued), but in situation that I would expect the session to be resumed, I don't get the callback. I assume this is because it doesn't make sense to issue more tickets for a resumed connection? This gives me some confidence that ticket use is occurring. For 1.3, I'm always getting the callback (twice per connection, of course), which makes me think that somehow my ticket reuse code is working only for 1.2. For both, I'm getting the session in the new session callback, and then setting it with SSL_set_session(), so I'd expect resumption to work for either protocol. Thanks, Sam -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
