summaryrefslogtreecommitdiff
path: root/lib/libssl/t1_lib.c
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2009-01-05 21:36:40 +0000
committerDamien Miller <djm@cvs.openbsd.org>2009-01-05 21:36:40 +0000
commite3e8dff41f7ab5012303998d65d07ce01ada07e2 (patch)
treec6cef98b54fd1efd88b1c72165b5f7c8f71b2c3b /lib/libssl/t1_lib.c
parentf751973bbcd73eee61aa30d9dd8eee9e79df852c (diff)
update to openssl-0.9.8i; tested by several, especially krw@
Diffstat (limited to 'lib/libssl/t1_lib.c')
-rw-r--r--lib/libssl/t1_lib.c14
1 files changed, 8 insertions, 6 deletions
diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c
index 35f04afa4a7..9ce726996d9 100644
--- a/lib/libssl/t1_lib.c
+++ b/lib/libssl/t1_lib.c
@@ -734,6 +734,13 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
/* Point after session ID in client hello */
const unsigned char *p = session_id + len;
unsigned short i;
+
+ /* If tickets disabled behave as if no ticket present
+ * to permit stateful resumption.
+ */
+ if (SSL_get_options(s) & SSL_OP_NO_TICKET)
+ return 1;
+
if ((s->version <= SSL3_VERSION) || !limit)
return 1;
if (p >= limit)
@@ -761,12 +768,7 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
return 1;
if (type == TLSEXT_TYPE_session_ticket)
{
- /* If tickets disabled indicate cache miss which will
- * trigger a full handshake
- */
- if (SSL_get_options(s) & SSL_OP_NO_TICKET)
- return 0;
- /* If zero length not client will accept a ticket
+ /* If zero length note client will accept a ticket
* and indicate cache miss to trigger full handshake
*/
if (size == 0)
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-29 04:20:42 +0000