I am trying to get the remaining lifetime of the ticket so that server can decide to renew ticket or not
I have defined callback like this, and it is working. However, the SSL_SESSION_get_ticket_lifetime_hint() always returns zero.
SSL_TICKET_RETURN ticket_dec_cb(SSL *s, SSL_SESSION *ss, const unsigned char *keyname, size_t keyname_len, SSL_TICKET_STATUS status, void *arg) {
SSL_TICKET_RETURN res;
SSL_TICKET_RETURN res;
int lifetime = 0;
switch (status) {
case SSL_TICKET_EMPTY:
case SSL_TICKET_NO_DECRYPT:
res = SSL_TICKET_RETURN_IGNORE_RENEW;
break;
case SSL_TICKET_SUCCESS:
//get_session_ticket_appdata(ssl, ssl_session);
res = SSL_TICKET_RETURN_USE;
break;
case SSL_TICKET_SUCCESS_RENEW:
lifetime = SSL_SESSION_get_ticket_lifetime_hint(ss);
//res = SSL_TICKET_RETURN_USE_RENEW; // generate new ticket
res = SSL_TICKET_RETURN_USE; // reuse old
break;
default:
res = SSL_TICKET_RETURN_IGNORE;
}
return res;
}
switch (status) {
case SSL_TICKET_EMPTY:
case SSL_TICKET_NO_DECRYPT:
res = SSL_TICKET_RETURN_IGNORE_RENEW;
break;
case SSL_TICKET_SUCCESS:
//get_session_ticket_appdata(ssl, ssl_session);
res = SSL_TICKET_RETURN_USE;
break;
case SSL_TICKET_SUCCESS_RENEW:
lifetime = SSL_SESSION_get_ticket_lifetime_hint(ss);
//res = SSL_TICKET_RETURN_USE_RENEW; // generate new ticket
res = SSL_TICKET_RETURN_USE; // reuse old
break;
default:
res = SSL_TICKET_RETURN_IGNORE;
}
return res;
}
Is this the right way? Can someone help please?
