On Thu, May 09, 2013, Viktor Dukhovni wrote: > On Thu, May 09, 2013 at 12:11:38AM +0000, Viktor Dukhovni wrote: > > > Has anyone seen the type of problem reported on the postfix-users list > > today? > > > > http://archives.neohapsis.com/archves/postfix/2013-05/0158.html > > > > (and earlier posts upthread). > > > > TLS handshakes without session resumption succeed, while resumed > > sessions always fail, with the server sending a zero-length "finished" > > message (which encrypts to 32 bytes). I don't yet which TLS toolkit > > the server is running. The version of OpenSSL on the client does > > not seem to matter. > > However disabling TLS extensions in the client does. With "no-tlsext", > the server does not resume past sessions. Perhaps the server's > implementation of session tickets is the culprit. Has anyone else > observed such servers in the wild? >
Try it with -no_ticket Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
