Re: [openssl-users] SSL_CTX_set_timeout does not work properly

2017-02-01 Thread Viktor Dukhovni
On Wed, Feb 01, 2017 at 11:26:30AM +, Devang Kubavat wrote:

> But when I set t=0 in SSL_CTX_set_timeout(ctx,0), I am getting different 
> behavior.
> Session is resumed up to 7200 seconds. Wireshark log shows Ticket Lifetime 
> Hint: 7200 seconds.

Instead of setting a zero-timeout, just disable session resumption:

SSL_CTX_set_options(ctx, SSL_OP_NO_TICKET);
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);

-- 
Viktor.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


[openssl-users] SSL_CTX_set_timeout does not work properly

2017-02-01 Thread Devang Kubavat
Hi,

I am using Ticket based Session Resumption in my application. I need to control 
'timeout of the session'. So as per the document I can set the timeout of the 
session using SSL_CTX_set_timeout(SSL_CTX *ctx, long t);

I used SSL_CTX_set_timeout(ctx, 500);
I am able to resume the session up to 500 seconds and after 500 seconds, the 
session fails to resume which is as expected.

But when I set t=0 in SSL_CTX_set_timeout(ctx,0), I am getting different 
behavior.
Session is resumed up to 7200 seconds. Wireshark log shows Ticket Lifetime 
Hint: 7200 seconds.

According to me, the session should not resume. Can anyone please help me 
understand why it is behaving like this?

Best Regards,
Devang


Re: [openssl-users] Openssl 1.0.2k compilation issues

2017-02-01 Thread Salz, Rich via openssl-users
>Am trying to upgrade openssl 1.0.1p to 1.0.2k and the compilation breaks with 
>the below error and am using Ubuntu 10.04.1
>In file included from req.c:84:
>comp.h:28: error: redefinition of typedef 'COMP_METHOD'
>../../Build/target/usr/include/openssl/ossl_typ.h:181: error: previous 
>declaration of 'COMP_METHOD' was here

Something is strange.  Scrub your build area and restart.

; sed -n -e25,30p crypto/comp/comp.h
int (*expand) (COMP_CTX *ctx,
   unsigned char *out, unsigned int olen,
   unsigned char *in, unsigned int ilen);
/*
 * The following two do NOTHING, but are kept for backward compatibility
 */
; sed -n -e181p crypto/ossl_typ.h
typedef struct comp_method_st COMP_METHOD;
;

