Hello!
On Mon, Apr 13, 2020 at 11:40:18PM +0300, Alexander Smirnov wrote:
> I'm working on a project that is completely unrelated to nginx.
> Just found a bug as I thought. Regardless of how common some configuration
> mode is – it should work correctly.
> I don't think that fix for this will
I'm working on a project that is completely unrelated to nginx.
Just found a bug as I thought. Regardless of how common some configuration
mode is – it should work correctly.
I don't think that fix for this will somehow significantly change my
experience with nginx, but I have time to fix it and
Hello!
On Mon, Apr 13, 2020 at 09:29:05PM +0300, Alexander Smirnov wrote:
> Hello,
>
> Thank you for your response.
>
> So there are two options:
>
> * Fix from the nginx side. But with respect not only to 'session_tickets
> off' but 'session_cache off'.
> * Fix from OpenSSL side.
>
> Do I
Hello,
Thank you for your response.
So there are two options:
* Fix from the nginx side. But with respect not only to 'session_tickets
off' but 'session_cache off'.
* Fix from OpenSSL side.
Do I understand right that you won't accept a fix from nginx side and I
should file an issue to OpenSSL
Hello!
On Sun, Apr 12, 2020 at 10:12:48PM +0300, Alexander Smirnov wrote:
> I have found that in TLS 1.3 mode nginx doesn't fully disable session
> tickets even with
>
> session_tickets off;
>
> According to https://www.openssl.org/docs/man1.1.1/man3/SSL_get_options.html
>
>
>
Hello,
I have found that in TLS 1.3 mode nginx doesn't fully disable session
tickets even with
session_tickets off;
According to https://www.openssl.org/docs/man1.1.1/man3/SSL_get_options.html
SSL_CTX_set_options(conf->ssl.ctx, SSL_OP_NO_TICKET);
is not enough to disable session tickets. It