/openssl/test/ssl-tests/ |
H A D | 06-sni-ticket.cnf | 5 test-0 = 0-sni-session-ticket 6 test-1 = 1-sni-session-ticket 7 test-2 = 2-sni-session-ticket 8 test-3 = 3-sni-session-ticket 9 test-4 = 4-sni-session-ticket 10 test-5 = 5-sni-session-ticket 11 test-6 = 6-sni-session-ticket 24 [0-sni-session-ticket] 66 [1-sni-session-ticket] 110 [2-sni-session-ticket] [all …]
|
H A D | 27-ticket-appdata.cnf | 5 test-0 = 0-session-ticket-app-data12 6 test-1 = 1-session-ticket-app-data12 7 test-2 = 2-session-ticket-app-data13 8 test-3 = 3-session-ticket-app-data13 11 [0-session-ticket-app-data12] 14 [0-session-ticket-app-data12-ssl] 20 [0-session-ticket-app-data12-server] 48 [1-session-ticket-app-data12] 51 [1-session-ticket-app-data12-ssl] 80 [2-session-ticket-app-data13] [all …]
|
H A D | 27-ticket-appdata.cnf.in | 10 ## Test session ticket app data 20 "name" => "session-ticket-app-data12", 40 "name" => "session-ticket-app-data12", 59 "name" => "session-ticket-app-data13", 79 "name" => "session-ticket-app-data13",
|
H A D | protocol_version.pm | 265 foreach my $ticket ("SessionTicket", "-SessionTicket") { 276 "Options" => $ticket, 281 "Options" => $ticket, 301 "Options" => $ticket,
|
H A D | 06-sni-ticket.cnf.in | 28 my $session_id_result = "Yes"; # always, even with a ticket 30 "name" => "sni-session-ticket", 78 "name" => "sni-session-ticket",
|
/openssl/doc/man3/ |
H A D | SSL_CTX_set_session_ticket_cb.pod | 64 application that a session ticket has just been decrypted. 71 action, as it is called even if ticket decryption fails. 74 the key that was used to encrypt the session ticket. 82 Empty ticket present. No ticket data will be used and a new ticket should be 84 valid for a client to send an empty ticket. 88 The ticket couldn't be decrypted. No ticket data will be used and a new ticket 93 A ticket was successfully decrypted, any session ticket application data should 115 Do not use a ticket (if one was available). Do not send a renewed ticket to the 120 Do not use a ticket (if one was available). Send a renewed ticket to the client. 128 Use the ticket. Do not send a renewed ticket to the client. It is an error for [all …]
|
H A D | SSL_SESSION_has_ticket.pod | 7 - get details about the ticket associated with a session 24 associated with the session ticket. 26 SSL_SESSION_get0_ticket obtains a pointer to the ticket associated with a 27 session. The length of the ticket is written to B<*len>. If B<tick> is non 28 NULL then a pointer to the ticket is written to B<*tick>. The pointer is only 29 valid while the connection is in use. The session (and hence the ticket pointer) 34 SSL_SESSION_has_ticket() returns 1 if session ticket exists or 0 otherwise.
|
H A D | SSL_CTX_set_tlsext_ticket_key_cb.pod | 7 - set a callback for session ticket processing 36 session when session ticket extension is presented in the TLS hello 41 ticket construction state according to RFC5077 Section 4 such that per session 45 In order to reuse a session, a TLS client must send the a session ticket 46 extension to the server. The client can only send exactly one session ticket. 48 ticket information or it starts a full TLS handshake to create a new session 49 ticket. 56 an attempted retrieval of the ticket failed, or a renew option was indicated, 82 If the I<name> is still valid but a renewal of the ticket is required the 84 with an argument of enc equal to 1 to set the new ticket. [all …]
|
H A D | SSL_CTX_set_num_tickets.pod | 47 ticket be sent when it is safe to do so. New tickets are only allowed to be 49 TLS 1.3 connections. By default, the ticket generation and transmission are 53 SSL_new_session_ticket() was called, the ticket can be sent immediately 59 SSL_new_session_ticket() indicates only that the request to send a ticket was 60 processed, not that the ticket itself was sent. To be notified when the 61 ticket itself is sent, a new-session callback can be registered with 62 L<SSL_CTX_sess_set_new_cb(3)> that will be invoked as the ticket or tickets
|
H A D | SSL_CTX_set_timeout.pod | 45 This timeout value is used as the ticket lifetime hint for stateless session 46 tickets. It is also used as the timeout value within the ticket itself. 53 of 0 for the ticket lifetime hint.
|
H A D | SSL_CTX_set_options.pod | 273 When using stateless session tickets the server uses a session ticket encryption 275 client as a "ticket". When the client wishes to resume it sends the encrypted 281 ids. However, OpenSSL allows two modes of ticket operation in TLSv1.3: stateful 285 in a ticket and sent back to the client. When the client wishes to resume, it 286 presents a ticket in the same way as for stateless tickets. The server can then 287 extract the session id from the ticket and retrieve the session information from 292 ticket gets sent to the client at all. In TLSv1.3 a stateful ticket will be
|
H A D | SSL_shutdown.pod | 39 has sent a session ticket to establish a session, the client might not be able 40 to resume the session because it did not received and process the session ticket
|
H A D | SSL_CONF_cmd.pod | 253 OpenSSL will automatically detect if a session ticket has been used more than 255 full handshake is forced if a session ticket is used a second or subsequent 459 B<SessionTicket>: session ticket support, enabled by default. Inverse of 514 B<AntiReplay>: If set then OpenSSL will automatically detect if a session ticket 516 enabled on the server. A full handshake is forced if a session ticket is used a
|
H A D | SSL_read_early_data.pod | 91 using a ticket based PSK then this is set automatically to the value provided by 291 attempts to reuse a session ticket more than once, then the second and 300 whenever a session ticket is issued. When a client attempts to resume the
|
/openssl/util/perl/TLSProxy/ |
H A D | NewSessionTicket.pm | 33 $self->{ticket} = ""; 44 my $ticket = substr($self->data, 6, $ticket_len); 47 $self->ticket($ticket); 58 $data .= pack('n', length($self->ticket)); 59 $data .= $self->ticket; 73 sub ticket subroutine 77 $self->{ticket} = shift; 79 return $self->{ticket};
|
/openssl/test/ |
H A D | README.ssltest.md | 79 * SessionTicketExpected - whether or not a session ticket is expected 80 - Ignore - do not check for a session ticket (default) 81 - Yes - a session ticket is expected 82 - No - a session ticket is not expected 181 * BrokenSessionTicket - a special test case where the session ticket callback
|
/openssl/include/openssl/ |
H A D | ssl.h.in | 355 /* Don't use RFC4507 ticket extension */ 2473 /* Support for ticket appdata */ 2478 /* No ticket present */ 2480 /* Empty ticket present */ 2482 /* the ticket couldn't be decrypted */ 2484 /* a ticket was successfully decrypted */ 2486 /* same as above but the ticket needs to be renewed */ 2494 /* Do not use the ticket, do not send a renewed ticket to the client */ 2496 /* Do not use the ticket, send a renewed ticket to the client */ 2498 /* Use the ticket, do not send a renewed ticket to the client */ [all …]
|
/openssl/test/recipes/ |
H A D | 70-test_sslsessiontick.t | 160 $message->ticket("");
|
/openssl/ssl/ |
H A D | ssl_sess.c | 148 SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) in ssl_session_dup() argument 228 if (ticket != 0 && src->ext.tick != NULL) { in ssl_session_dup()
|
H A D | ssl_local.h | 2467 __owur SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket);
|
/openssl/doc/man1/ |
H A D | openssl-s_server.pod.in | 622 Disable RFC4507bis session ticket support. This option has no effect if TLSv1.3 814 automatically detect if a session ticket has been used more than once, TLSv1.3 816 is forced if a session ticket is used a second or subsequent time. Any early
|
H A D | openssl-s_client.pod.in | 688 Disable RFC4507bis session ticket support.
|
/openssl/ |
H A D | CHANGES.md | 5197 * Malformed SHA512 ticket DoS 5204 a custom server callback and ticket lookup mechanism. 5772 a double free of the ticket data. 6398 * Malformed SHA512 ticket DoS 6405 a custom server callback and ticket lookup mechanism. 6943 a double free of the ticket data. 7729 presented a ticket with an expired session. 8016 a double free of the ticket data. 9034 The SSL_CTX structure automatically generates keys for ticket 10177 The SSL_CTX structure automatically generates keys for ticket [all …]
|
H A D | NEWS.md | 230 * Configurable session ticket support 456 * Malformed SHA512 ticket DoS ([CVE-2016-6302]) 557 * Malformed SHA512 ticket DoS ([CVE-2016-6302])
|
/openssl/crypto/err/ |
H A D | openssl.txt | 1386 SSL_R_INVALID_TICKET_KEYS_LENGTH:325:invalid ticket keys length
|