From 9a896a8c68a5bbc7e0c50b709ff9c34e5453473e Mon Sep 17 00:00:00 2001
From: tb <>
Date: Tue, 1 Sep 2020 05:32:11 +0000
Subject: simplify tls1_process_ticket() exit path

tls1_process_ticket() - the only caller of tls_decrypt_ticket() - ends
in a switch over the return value of tls_decrypt_ticket() to decide
whether or not to set s->internal->tlsext_ticket_expected = 1.

Since tls_decrypt_ticket() already knows what it will return and
partly bases its decision on what to return on whether or not the
ticket needs to be renewed, it can also take care of setting this flag.
This way we don't need to have a confusing switch that conflates some
return values and sets this flag. Moreover, we can get rid of the ugly
TLS1_TICKET_DECRYPTED_RENEW whose only purpose is to signal that the
flag should be set.

ok jsing
---
 src/lib/libssl/ssl_locl.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'src/lib/libssl/ssl_locl.h')

diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 18ff5b0c30..2f8ba1fc09 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.286 2020/08/31 14:34:01 tb Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.287 2020/09/01 05:32:11 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1402,7 +1402,6 @@ int ssl_check_serverhello_tlsext(SSL *s);
 #define TLS1_TICKET_EMPTY		 1
 #define TLS1_TICKET_NOT_DECRYPTED	 2
 #define TLS1_TICKET_DECRYPTED		 3
-#define TLS1_TICKET_DECRYPTED_RENEW	 4
 
 int tls1_process_ticket(SSL *s, CBS *session_id, CBS *ext_block,
     int *alert, SSL_SESSION **ret);
-- 
cgit v1.2.3-55-g6feb