Hi, On 26/04/2019 15:57, Jan Just Keijser wrote: > I'd look into the way session tickets are configured and used in > mbedtls, e.g. read up on > https://tls.mbed.org/discussions/generic/what-is-the-correct-way-to-use-session-tickets > > > For OpenSSL, OpenVPN uses SSL_OP_NO_TICKET, i.e. no session tickets are > allowed. I don't know the mbedtls code base well enough, but as a start, > I'd make sure that mbedtls is also configured to NOT accept session > tickets.
PUSH messages are exchanged on the control channel *after* the TLS handshake has completed, therefore I am not sure session tickets can play any role at that point, no? Regards, -- Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
