DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

OpenSSL: Do not send out a TLS 1.3 session ticket if caching disabled

Browse source 
Do not provide TLS 1.3 session tickets if session caching is disabled.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
Jouni Malinen 2022-05-02 17:31:28 +03:00 committed by Jouni Malinen
parent 05406f7ae8
commit decac7cd1e
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/crypto/tls_openssl.c
View file

@ -1112,6 +1112,9 @@ void * tls_init(const struct tls_config *conf)
#endif #endif
} else { } else {
SSL_CTX_set_session_cache_mode(ssl, SSL_SESS_CACHE_OFF); SSL_CTX_set_session_cache_mode(ssl, SSL_SESS_CACHE_OFF);
#if OPENSSL_VERSION_NUMBER >= 0x10101000L
SSL_CTX_set_num_tickets(ssl, 0);
#endif
} }
if (tls_ex_idx_session < 0) { if (tls_ex_idx_session < 0) {