I am using Ticket based Session Resumption in my application. I need to control ‘timeout of the session’. So as per the document I can set the timeout of the session using
SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
I used SSL_CTX_set_timeout(ctx, 500);
I am able to resume the session up to 500 seconds and after 500 seconds, the session fails to resume which is as expected.
But when I set t=0 in SSL_CTX_set_timeout(ctx,0), I am getting different behavior.
Session is resumed up to 7200 seconds. Wireshark log shows Ticket Lifetime Hint: 7200 seconds.
According to me the session should not resume. Can anyone please help me why it is behaving like this.