TS-4104: return 1 on a new ticket created#400
Conversation
|
Both HTTPD and NGiNX return a 0 in this case: However, looking at the documentation it does sound like a 1 should be returned. Does the behavior change when you return a 1? OpenSSL docs: |
|
please checking log message in the JIRA Issue TS-4104 for the different between 0 and 1. according the logs, handshake restart if return 0 or handshake finished if return 1. |
|
@oknet What log are you referring to? I ran ATS with traffic_server -T ssl and didn't see a difference in the debug messages. Also, I session ticket was created and able to be reused in both cases. I was using openssl on the command line with: |
|
Were you able to confirm issue and fix with wireshark? Should be easy enough to see if session ticket is generated in both cases. OpenSSL should set enc=1 when either no ticket is presented, so it could be triggered without setting a ticket on a test client. You should then be able to see the new session in ticket as plain text in the handshake. |
|
@bryancall the traffic.out log for current ATS release: [Dec 28 21:01:12.742] Server {0x2b052fe4b700} DEBUG: (ssl) create ticket for a new session. the traffic.out log if return 1 here: [Dec 30 12:47:16.838] Server {0x2b6ec9340700} DEBUG: (ssl) create ticket for a new session. |
|
With and without the return code change I get: I am running Fedora 23 with updated package and openssl-1.0.2e-3.fc23.x86_64. What OS are you running? My config: |
|
my baseOS is Debian 7.8,but the openssl upgraded to 1.0.2d with testing |
…che#8890) (apache#400) * Update slice to only prefetch when first block is miss/hit-stale * Remove plugin dependency, add cache status header between slice and crr * Only enable prefetching from CRR on 206 partial case from origin * Update header type, fix 206 case for 304 in CRR, allow header to be used for debugging Co-authored-by: Serris Lew <lserris@apple.com> Co-authored-by: Serris Lew <serrisnlew@gmail.com>
ref: https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_set_tlsext_ticket_key_cb.html