I tested the patch.

Doing SSL_CTX_set_session_cache_mode(context, SSL_SESS_CACHE_OFF) doesn't
have any effect whatsoever - I still have the same issue (session id
context uninitialized). I suspect session caching is an entirely different
feature from session tickets/RFC5077 (although it might still be a good
idea to disable).

Doing SSL_CTX_set_options(context, SSL_OP_NO_TICKET) indeed resolves the
issue, as expected. As I wrote above, I'd remove the #ifdef and execute it

I'm still not convinced of the risk/problem of simply setting the session
id context as I explained above (rather than disabling the optimization),
but of course either solution resolves my problem.

Reply via email to