Default value of a session resumption timeout (300 seconds vs 7200 seconds)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi list,

The session reuse question posted on the mailing list earlier (https://mta.openssl.org/pipermail/openssl-users/2021-January/013360.html) reminded of a somewhat similar question I have.

As per the docs, https://www.openssl.org/docs/man1.0.2/man3/SSL_get_default_timeout.html, it says the default value is 300 seconds for which a session resuse will be accepted. The docs say that it is the same for all protocols.

However I tried it with my setup where I didn't explicitly set the timeout and I am getting 7200 seconds as the default value. s_client output: TLS session ticket lifetime hint: 7200 (seconds). My client openssl.conf has no setting override (not that it should matter because this is a server preference). No OpenSSL settings on the server have been modified as well. 

In ssl/ssl_sess.c#L80, the code matches the document: ss->timeout = 60 * 5 + 4;   /* 5 minute timeout by default */ ... (with additional four seconds?)

I have noticed similar outputs (7200 seconds) from searching about this question so seems like I am not the only one. What is the reason for this discrepancy and is the value 300 seconds or 7200 seconds?

- JT



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux