Hi, everyone.

I'm trying to enable session caching, but my server doesn't seem to send
a session ID.

According to
http://www.openssl.org/docs/ssl/SSL_CTX_set_session_id_context.html, all
I have to do is invoke SSL_CTX_set_session_id_context() with a pointer
to a string (or binary data) and the length of that string.  I've done
this and the desired session ID and length are correct in both the
SSL_CTX structure and (during SSL_accept) in the SSL structure.
However, in the Server Hello message, the session ID length is always
zero.  The client that connects shows a zero-length session ID, which
would seem to be consistent with not sending an ID.  I'm using anonymous
TLS, so there are no certificates in the server context.

The code that I'm using to set up the context is:

   netSSLServerContextPtr = SSL_CTX_new(TLSv1_server_method());
   SSL_CTX_set_options(netSSLServerContextPtr,
                       SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
   SSL_CTX_set_session_cache_mode(netSSLServerContextPtr,
                                  SSL_SESS_CACHE_BOTH);
   SSL_CTX_set_session_id_context(netSSLServerContextPtr,
                                  netSslSessionIdContext,
                                  sizeof(netSslSessionIdContext));
   SSL_CTX_set_mode(netSSLServerContextPtr, SSL_MODE_AUTO_RETRY);

I've tried this with netSslSessionIdContext indicating both 17- and
ten-byte-long strings; neither works, so it seems not to be a string
length mismatch issue.

What have I missed?

Thanks very much,

Paul
___________________________________
Paul A. Suhler | Firmware Engineer | Quantum Corporation | Office:
949.856.7748 | paul.suh...@quantum.com 
___________________________________
Disregard the Quantum Corporation confidentiality notice below.  The
information contained in this transmission is not confidential.
Permission is hereby explicitly granted to disclose, copy, and further
distribute to any individuals or organizations, without restriction.
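
Added example, not part of the original post and not OpenSSL code: a bounds-checked parser that reads the session ID length out of a captured Server Hello record, which is the field the post reports as always zero. It also reports whether the SessionTicket extension (type 35) is present, because RFC 5077 has a server that intends to issue a ticket send an empty session ID, so the two fields are worth reading together. The names `server_hello_info`, `parse_server_hello` and `sample_hello` are hypothetical, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names; fields read from one TLS record carrying a ServerHello. */
struct server_hello_info {
    uint16_t version;        /* server_version, 0x0301 for TLS 1.0 */
    size_t   session_id_len; /* 0 means the ServerHello carried no session ID */
    int      has_ticket_ext; /* 1 if extension type 35 (SessionTicket) is present */
};

/* Returns 0 on success, -1 if rec[0..len) is truncated, malformed or not a ServerHello. */
int parse_server_hello(const uint8_t *rec, size_t len, struct server_hello_info *out)
{
    if (len < 9 || rec[0] != 22 || rec[5] != 2) return -1;  /* handshake record, ServerHello */
    size_t rec_len = ((size_t)rec[3] << 8) | rec[4];
    size_t hs_len = ((size_t)rec[6] << 16) | ((size_t)rec[7] << 8) | rec[8];
    if (rec_len + 5 > len || hs_len + 4 > rec_len || hs_len < 35) return -1;
    const uint8_t *p = rec + 9, *end = p + hs_len;  /* body: version(2) random(32) id length(1) ... */
    out->version = (uint16_t)((p[0] << 8) | p[1]);
    out->session_id_len = p[34];
    out->has_ticket_ext = 0;
    p += 35;
    if (out->session_id_len > 32 || (size_t)(end - p) < out->session_id_len + 3) return -1;
    p += out->session_id_len + 3;                   /* skip ID, cipher suite(2), compression(1) */
    if (p == end) return 0;                         /* no extensions block */
    if (end - p < 2 || (size_t)(end - p - 2) != (((size_t)p[0] << 8) | p[1])) return -1;
    for (p += 2; end - p >= 4; ) {
        unsigned type = ((unsigned)p[0] << 8) | p[1];
        size_t elen = ((size_t)p[2] << 8) | p[3];
        if ((size_t)(end - p - 4) < elen) return -1;
        if (type == 35) out->has_ticket_ext = 1;
        p += 4 + elen;
    }
    return p == end ? 0 : -1;
}

/* Constructed sample: TLS 1.0 ServerHello, all-zero random, empty session ID,
   cipher suite 0x0034, and one empty SessionTicket extension. */
const uint8_t sample_hello[53] = {22,3,1,0,48, 2,0,0,44, 3,1, [45]=0x34, [48]=4, [50]=35};

int main(void)
{
    struct server_hello_info h;
    if (parse_server_hello(sample_hello, sizeof sample_hello, &h) == 0)
        printf("session_id_len=%zu ticket_ext=%d\n", h.session_id_len, h.has_ticket_ext);
    return 0;
}
```

The parser expects the whole Server Hello in a single unencrypted handshake record, as it appears at the start of a capture.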
