diff options
author | Matt Caswell <matt@openssl.org> | 2018-07-16 16:57:36 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-07-17 10:12:10 +0100 |
commit | 5f26ddff7ee2914782e312621023e10af356de18 (patch) | |
tree | 86f403776357840da3d337268edf57f142719b9b /ssl | |
parent | 04d7814a8038e01dbeb9fd7721d40c1824f553a8 (diff) | |
download | openssl-5f26ddff7ee2914782e312621023e10af356de18.tar.gz |
Always issue new tickets when using TLSv1.3 stateful tickets
Previously we were failing to issue new tickets if a resumption attempt
failed.
Fixes #6654
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6722)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/statem/extensions_srvr.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index ab38a4f11e..f5ab5bb840 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -1014,6 +1014,8 @@ static SSL_TICKET_STATUS tls_get_stateful_ticket(SSL *s, PACKET *tick, { SSL_SESSION *tmpsess = NULL; + s->ext.ticket_expected = 1; + switch (PACKET_remaining(tick)) { case 0: return SSL_TICKET_EMPTY; @@ -1031,7 +1033,6 @@ static SSL_TICKET_STATUS tls_get_stateful_ticket(SSL *s, PACKET *tick, if (tmpsess == NULL) return SSL_TICKET_NO_DECRYPT; - s->ext.ticket_expected = 1; *sess = tmpsess; return SSL_TICKET_SUCCESS; } |