On Thu, Oct 01, 2009, joshi chandran wrote: > > In OpenSSL 0.9.8j and later extension support is included by default. There > > is > > one extension which is sent automatically: the session ticket extension. If > > you disable this with the appropriate flag then extensions will not be used. > > > > Disabling is to be done at client application ? If this session ticket > extension is send by client and server does not handle this extension, > will the handshake fails? >
It can be disabled in client applications with: SSL_CTX_set_options(ctx, SSL_OP_NO_TICKET); If the server doesn't support the extension or indeed extensions in general the handshake should still succeed. As noted however some broken servers will fail. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
