diff options
author | Matt Caswell <matt@openssl.org> | 2018-05-08 16:28:44 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-05-11 14:51:08 +0100 |
commit | 2448bb8cf71b383d39433f8af891232c60392868 (patch) | |
tree | 1f0c2946df21ad7bf705690025f59fed26564e54 /doc/man3/SSL_CTX_set_session_ticket_cb.pod | |
parent | c0638adeec58327f79d4bf549766f4cb094a1e2e (diff) | |
download | openssl-2448bb8cf71b383d39433f8af891232c60392868.tar.gz |
Document when a new session ticket gets created on resumption
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6198)
Diffstat (limited to 'doc/man3/SSL_CTX_set_session_ticket_cb.pod')
-rw-r--r-- | doc/man3/SSL_CTX_set_session_ticket_cb.pod | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/man3/SSL_CTX_set_session_ticket_cb.pod b/doc/man3/SSL_CTX_set_session_ticket_cb.pod index c7b51dd16b..3066534223 100644 --- a/doc/man3/SSL_CTX_set_session_ticket_cb.pod +++ b/doc/man3/SSL_CTX_set_session_ticket_cb.pod @@ -77,6 +77,12 @@ the key that was used to encrypt the session ticket. When the B<gen_cb> callback is invoked, the SSL_get_session() function can be used to retrieve the SSL_SESSION for SSL_SESSION_set1_ticket_appdata(). +By default, in TLSv1.2 and below, a new session ticket is not issued on a +successful resumption and therefore B<gen_cb> will not be called. In TLSv1.3 the +default behaviour is to always issue a new ticket on resumption. In both cases +this behaviour can be changed if a ticket key callback is in use (see +L<SSL_CTX_set_tlsext_ticket_key_cb(3)>). + =head1 RETURN VALUES The SSL_CTX_set_session_ticket_cb(), SSL_SESSION_set1_ticket_appdata() and |