[PATCH 08 of 20] Tests: enabled session reuse via TLS session tickets

Maxim Dounin mdounin at mdounin.ru
Sat Mar 18 14:15:03 UTC 2023


# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1679140615 -10800
#      Sat Mar 18 14:56:55 2023 +0300
# Node ID 01721a51ba94e022d1f59485b9da490683ac0c2f
# Parent  36b78c9dc2db19bb92becb5cac0090c34538313e
Tests: enabled session reuse via TLS session tickets.

This fixes tests with TLSv1.3 enabled when using BoringSSL, since
for TLSv1.3 it only supports session reuse via TLS session tickets,
and not server-side session cache.

diff --git a/ssl_certificate.t b/ssl_certificate.t
--- a/ssl_certificate.t
+++ b/ssl_certificate.t
@@ -71,7 +71,7 @@ http {
 
     add_header X-SSL $ssl_server_name:$ssl_session_reused;
     ssl_session_cache shared:SSL:1m;
-    ssl_session_tickets off;
+    ssl_session_tickets on;
 
     server {
         listen       127.0.0.1:8080 ssl;
diff --git a/stream_ssl_certificate.t b/stream_ssl_certificate.t
--- a/stream_ssl_certificate.t
+++ b/stream_ssl_certificate.t
@@ -68,7 +68,7 @@ stream {
     }
 
     ssl_session_cache shared:SSL:1m;
-    ssl_session_tickets off;
+    ssl_session_tickets on;
 
     server {
         listen       127.0.0.1:8080 ssl;


More information about the nginx-devel mailing list