Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
crypto/tls: clients don't delete tickets that fail handshakes from ClientSessionCache #24919
Please answer these questions before submitting your issue. Thanks!
What version of Go are you using (
The correct fix is to add a
A hack that could work is to replace the value stored in the cache with
Thoughts, @FiloSottile ?
When a server accepts a session ticket presented by a client, but the TLS handshake fails, RFC 5077 recommends that the client delete the ticket. Because adding a full Delete method to the interface for ClientSessionCache would break existing implementations, we have the handshake implementation put a nil value instead. Fixes golang#24919