Re: [HACKERS] PostgreSQL not setting OpenSSL session id context?

I tested the patch.

Doing SSL_CTX_set_session_cache_mode(context, SSL_SESS_CACHE_OFF) doesn't have any effect whatsoever - I still have the same issue (session id context uninitialized). I suspect session caching is an entirely different feature from session tickets/RFC5077 (although it might still be a good idea to disable).

Doing SSL_CTX_set_options(context, SSL_OP_NO_TICKET) indeed resolves the issue, as expected. As I wrote above, I'd remove the #ifdef and execute it always.

I'm still not convinced of the risk/problem of simply setting the session id context as I explained above (rather than disabling the optimization), but of course either solution resolves my problem.