Fix SSL_set_session_ticket_ext when used with SSLv23_method

author Matt Caswell <matt@openssl.org>

Mon, 27 Jul 2015 12:30:43 +0000 (13:30 +0100)

committer Matt Caswell <matt@openssl.org>

Mon, 27 Jul 2015 15:47:00 +0000 (16:47 +0100)
author Matt Caswell <matt@openssl.org>
Mon, 27 Jul 2015 12:30:43 +0000 (13:30 +0100)
committer Matt Caswell <matt@openssl.org>
Mon, 27 Jul 2015 15:47:00 +0000 (16:47 +0100)
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c

index 3766567c8f80a06063d36b398dbe5deda2a8e878..fc344b92ec0b2361309d79c258ca760bbe54023e 100644 (file)
--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -373,12 +373,13 @@ static int ssl23_client_hello(SSL *s)
  
      buf = (unsigned char *)s->init_buf->data;
      if (s->state == SSL23_ST_CW_CLNT_HELLO_A) {
-#if 0
-        /* don't reuse session-id's */
+        /*
+         * Since we're sending s23 client hello, we're not reusing a session, as
+         * we'd be using the method from the saved session instead
+         */
          if (!ssl_get_new_session(s, 0)) {
-            return (-1);
+            return -1;
          }
-#endif
  
          p = s->s3->client_random;
          if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
@@ -439,9 +440,6 @@ static int ssl23_client_hello(SSL *s)
              /*
               * put in the session-id length (zero since there is no reuse)
               */
-#if 0
-            s->session->session_id_length = 0;
-#endif
              s2n(0, d);
  
              if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
@@ -784,13 +782,6 @@ static int ssl23_get_server_hello(SSL *s)
      }
      s->init_num = 0;
  
-    /*
-     * Since, if we are sending a ssl23 client hello, we are not reusing a
-     * session-id
-     */
-    if (!ssl_get_new_session(s, 0))
-        goto err;
-
      return (SSL_connect(s));
   err:
      return (-1);
author	Matt Caswell <matt@openssl.org>
	Mon, 27 Jul 2015 12:30:43 +0000 (13:30 +0100)
committer	Matt Caswell <matt@openssl.org>
	Mon, 27 Jul 2015 15:47:00 +0000 (16:47 +0100)