diff options
author | lloyd <[email protected]> | 2012-03-23 17:17:05 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-03-23 17:17:05 +0000 |
commit | 9c67e7a9b20c87e6709346d75edaf951aa4c2eb5 (patch) | |
tree | e1ea1f5ad63dbfd4b311aaed6787c34d6c911c5e /doc | |
parent | 9208e05246aa3f3085a45f85e3c9f2844828f73e (diff) |
Revert the session_ticket callback in credentials manager. If a PSK
manager is being used, it could be easily used for session tickets as
well, and if it's not the generate-on-first-call technique is easy to
write.
Avoid offering the session ticket extension if we know we don't have a
key. For one thing it will cause us to avoid using stateful sessions,
but additionally OpenSSL 1.0.1 is very intolerant of empty
NewSessionTicket messages so definitely worth avoiding when we can.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/tls.txt | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/doc/tls.txt b/doc/tls.txt index 8c2b815b6..dd4fb1270 100644 --- a/doc/tls.txt +++ b/doc/tls.txt @@ -98,7 +98,10 @@ TLS Clients The *handshake_complete* function is called when a handshake (either initial or renegotiation) is completed. The return value of the callback specifies if the session should be cached for later - resumption. + resumption. If the function for some reason desires to prevent the + connection from completing, it should throw an exception + (preferably a TLS_Exception, which can provide more specific alert + information to the counterparty). The *session_manager* is an interface for storing TLS sessions, which allows for session resumption upon reconnecting to a server. |