diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 35f04afa4a..9ce726996d 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -734,6 +734,13 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, | |||
| 734 | /* Point after session ID in client hello */ | 734 | /* Point after session ID in client hello */ |
| 735 | const unsigned char *p = session_id + len; | 735 | const unsigned char *p = session_id + len; |
| 736 | unsigned short i; | 736 | unsigned short i; |
| 737 | |||
| 738 | /* If tickets disabled behave as if no ticket present | ||
| 739 | * to permit stateful resumption. | ||
| 740 | */ | ||
| 741 | if (SSL_get_options(s) & SSL_OP_NO_TICKET) | ||
| 742 | return 1; | ||
| 743 | |||
| 737 | if ((s->version <= SSL3_VERSION) || !limit) | 744 | if ((s->version <= SSL3_VERSION) || !limit) |
| 738 | return 1; | 745 | return 1; |
| 739 | if (p >= limit) | 746 | if (p >= limit) |
| @@ -761,12 +768,7 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, | |||
| 761 | return 1; | 768 | return 1; |
| 762 | if (type == TLSEXT_TYPE_session_ticket) | 769 | if (type == TLSEXT_TYPE_session_ticket) |
| 763 | { | 770 | { |
| 764 | /* If tickets disabled indicate cache miss which will | 771 | /* If zero length note client will accept a ticket |
| 765 | * trigger a full handshake | ||
| 766 | */ | ||
| 767 | if (SSL_get_options(s) & SSL_OP_NO_TICKET) | ||
| 768 | return 0; | ||
| 769 | /* If zero length not client will accept a ticket | ||
| 770 | * and indicate cache miss to trigger full handshake | 772 | * and indicate cache miss to trigger full handshake |
| 771 | */ | 773 | */ |
| 772 | if (size == 0) | 774 | if (size == 0) |