Hi, I have a question how OpenBSD ftp and session resumption works and can be enabled or used using the option -S session=somepath .
If I remember correctly this option was added at the time to improve the performance of TLS handshakes for fetching OpenBSD packages from HTTPS mirrors. I'd also like to test if this makes a difference for my use-case. Is this option currently enabled and working? I haven't been able to see session resumption being used when testing uses OpenBSD ftp. I've looked in the OpenBSD source-code in ftp and libtls. In libtls it seems to be disabled by default: In lib/libtls/tls.c: /* Disable any form of session caching by default */ SSL_CTX_set_session_cache_mode(ssl_ctx, SSL_SESS_CACHE_OFF); SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TICKET); In OpenBSD ftp in fetch.c in the function ftp_close() it indicates: dprintf(STDERR_FILENO, "tls session resumed: %s\n", tls_conn_session_resumed(*tls) ? "yes" : "no"); But it always has "tls session resumed: no" here. I probably overlooked something, Thanks, -- Kind regards, Hiltjo