I am trying to get the remaining lifetime of the ticket so that server can
decide to renew ticket or not
I have defined callback like this, and it is working. However, the
SSL_SESSION_get_ticket_lifetime_hint() always returns zero.
SSL_CTX_set_session_ticket_cb(ctx->ctx, ticket_gen_cb, ticket_dec_cb, NULL);
SSL_TICKET_RETURN ticket_dec_cb(SSL *s, SSL_SESSION *ss, const unsigned
char *keyname, size_t keyname_len, SSL_TICKET_STATUS status, void *arg) {
SSL_TICKET_RETURN res;
int lifetime = 0;
switch (status) {
case SSL_TICKET_EMPTY:
case SSL_TICKET_NO_DECRYPT:
res = SSL_TICKET_RETURN_IGNORE_RENEW;
break;
case SSL_TICKET_SUCCESS:
//get_session_ticket_appdata(ssl, ssl_session);
res = SSL_TICKET_RETURN_USE;
break;
case SSL_TICKET_SUCCESS_RENEW:
lifetime = SSL_SESSION_get_ticket_lifetime_hint(ss);
//res = SSL_TICKET_RETURN_USE_RENEW; // generate
new ticket
res = SSL_TICKET_RETURN_USE; // reuse old
break;
default:
res = SSL_TICKET_RETURN_IGNORE;
}
return res;
}
Is this the right way? Can someone help please?
