1 files changed, 6 insertions, 17 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index b0fc630236..64e64bf902 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.171 2020/08/31 14:34:01 tb Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.172 2020/09/01 05:32:11 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -844,18 +844,7 @@ tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, int *alert,
                return TLS1_TICKET_NOT_DECRYPTED;
        }
-        switch (tls_decrypt_ticket(s, session_id, &ext_data, alert, ret)) {
+        return tls_decrypt_ticket(s, session_id, &ext_data, alert, ret);
-        case TLS1_TICKET_NOT_DECRYPTED:
-                s->internal->tlsext_ticket_expected = 1;
-                return TLS1_TICKET_NOT_DECRYPTED;
-        case TLS1_TICKET_DECRYPTED:
-                return TLS1_TICKET_DECRYPTED;
-        case TLS1_TICKET_DECRYPTED_RENEW:
-                s->internal->tlsext_ticket_expected = 1;
-                return TLS1_TICKET_DECRYPTED;
-        default:
-                return TLS1_TICKET_FATAL_ERROR;
-        }
 }
 /* tls_decrypt_ticket attempts to decrypt a session ticket.
@@ -869,7 +858,6 @@ tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block, int *alert,
 *    TLS1_TICKET_FATAL_ERROR: error from parsing or decrypting the ticket.
 *    TLS1_TICKET_NOT_DECRYPTED: the ticket couldn't be decrypted.
 *    TLS1_TICKET_DECRYPTED: a ticket was decrypted and *psess was set.
- *    TLS1_TICKET_DECRYPTED_RENEW: same as 3, but the ticket needs to be renewed.
 */
 static int
 tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, int *alert,
@@ -1017,13 +1005,14 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, int *alert,
        sess = NULL;
        if (renew_ticket)
-                ret = TLS1_TICKET_DECRYPTED_RENEW;
+                s->internal->tlsext_ticket_expected = 1;
-        else
-                ret = TLS1_TICKET_DECRYPTED;
+        ret = TLS1_TICKET_DECRYPTED;
        goto done;
 derr:
+        s->internal->tlsext_ticket_expected = 1;
        ret = TLS1_TICKET_NOT_DECRYPTED;
        goto done;

diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index b0fc630236..64e64bf902 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.171 2020/08/31 14:34:01 tb Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.172 2020/09/01 05:32:11 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -844,18 +844,7 @@ tls1_process_ticket(SSL s, CBS session_id, CBS ext_block, int alert,
844	return TLS1_TICKET_NOT_DECRYPTED;	844	return TLS1_TICKET_NOT_DECRYPTED;
845	}	845	}
846		846
847	switch (tls_decrypt_ticket(s, session_id, &ext_data, alert, ret)) {	847	return tls_decrypt_ticket(s, session_id, &ext_data, alert, ret);
848	case TLS1_TICKET_NOT_DECRYPTED:
849	s->internal->tlsext_ticket_expected = 1;
850	return TLS1_TICKET_NOT_DECRYPTED;
851	case TLS1_TICKET_DECRYPTED:
852	return TLS1_TICKET_DECRYPTED;
853	case TLS1_TICKET_DECRYPTED_RENEW:
854	s->internal->tlsext_ticket_expected = 1;
855	return TLS1_TICKET_DECRYPTED;
856	default:
857	return TLS1_TICKET_FATAL_ERROR;
858	}
859	}	848	}
860		849
861	/* tls_decrypt_ticket attempts to decrypt a session ticket.	850	/* tls_decrypt_ticket attempts to decrypt a session ticket.
@@ -869,7 +858,6 @@ tls1_process_ticket(SSL s, CBS session_id, CBS ext_block, int alert,
869	* TLS1_TICKET_FATAL_ERROR: error from parsing or decrypting the ticket.	858	* TLS1_TICKET_FATAL_ERROR: error from parsing or decrypting the ticket.
870	* TLS1_TICKET_NOT_DECRYPTED: the ticket couldn't be decrypted.	859	* TLS1_TICKET_NOT_DECRYPTED: the ticket couldn't be decrypted.
871	* TLS1_TICKET_DECRYPTED: a ticket was decrypted and *psess was set.	860	* TLS1_TICKET_DECRYPTED: a ticket was decrypted and *psess was set.
872	* TLS1_TICKET_DECRYPTED_RENEW: same as 3, but the ticket needs to be renewed.
873	*/	861	*/
874	static int	862	static int
875	tls_decrypt_ticket(SSL s, CBS session_id, CBS ticket, int alert,	863	tls_decrypt_ticket(SSL s, CBS session_id, CBS ticket, int alert,
@@ -1017,13 +1005,14 @@ tls_decrypt_ticket(SSL s, CBS session_id, CBS ticket, int alert,
1017	sess = NULL;	1005	sess = NULL;
1018		1006
1019	if (renew_ticket)	1007	if (renew_ticket)
1020	ret = TLS1_TICKET_DECRYPTED_RENEW;	1008	s->internal->tlsext_ticket_expected = 1;
1021	else	1009
1022	ret = TLS1_TICKET_DECRYPTED;	1010	ret = TLS1_TICKET_DECRYPTED;
1023		1011
1024	goto done;	1012	goto done;
1025		1013
1026	derr:	1014	derr:
		1015	s->internal->tlsext_ticket_expected = 1;
1027	ret = TLS1_TICKET_NOT_DECRYPTED;	1016	ret = TLS1_TICKET_NOT_DECRYPTED;
1028	goto done;	1017	goto done;
1029		1018