On Mon, Feb 4, 2019 at 9:46 PM Viktor Dukhovni <openssl-users@xxxxxxxxxxxx> wrote: > On Mon, Feb 04, 2019 at 03:54:48PM -0800, Sam Roberts wrote: > However, because in TLS 1.3, session > tickets are sent *after* the completion of the handshake, it is > possible that the session handle you're saving is the one that does > not yet have any associated tickets, because they've not yet been > received. I'm saving the session that is passed to the callback in SSL_CTX_sess_set_new_cb() as described in https://wiki.openssl.org/index.php/TLS1.3#Sessions. > posttls-finger: smtp.dukhovni.org[100.2.39.101]:25: Reusing old session What API are you using to confirm that the ticket was used to resume the session? SSL_session_reused? Thanks, Sam -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
