[PATCH] SSL: respect session timeout in configs without session cache.
mdounin at mdounin.ru
Thu Oct 10 22:51:11 UTC 2013
On Thu, Oct 10, 2013 at 01:17:14PM -0700, Piotr Sikora wrote:
> Hey Maxim,
> > I don't see a real reason for the API change, and direct use of
> > SSL_CTX_set_timeout() in http/mail ssl modules. What about this
> > instead:
> While your patch fixes the issue, I personally don't like the fact
> that session timeout is being set within code block responsible for
> session cache logic because it simply doesn't belong there.
The SSL_CTX_set_timeout is a function which is documented to
"manipulate timeout values for session caching" , and it looks
quite reasonable for me to be set in a block responsible for
session cache logic.
I would rather think about TLS Session Tickets as a specific way
to cache sessions.
More information about the nginx-devel