Re: SSL_SESSION_set1_ticket ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/04/2019 11:15, Hubert Kario wrote:
> On Wednesday, 10 April 2019 12:05:21 CEST Jeremy Harris wrote:
>> On 10/04/2019 01:25, Viktor Dukhovni wrote:
>>> With TLS 1.0, 1.1 and 1.2, the the (always new IIRC) session object
>>> associated with the connection object at the completion of each
>>> handshake, will contain any fresh tickets issued by the server.
>>
>> That does not match my observation.
> 
> that assumes that the server sends tickets in the first place... but the point 
> stands, the TLS 1.2 server cannot provide a session ticket to the client after 
> the handshake finished (client received server's Finished message), same for 
> even older protocols

I'm not saying the new ticket arrived after the handshake.  I can
see the notification of it arriving during the handshake.  Yet
the session dumped via i2d... after the handshake is bitwise identical
to that given to d2i... , SSL_set_session before the handshake.
-- 
Cheers,
  Jeremy



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux