remove duplicate statement

[openssl.git] / ssl / ssl_asn1.c

diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 9cee3a4086cf5f690b108267cc414c0d4d7cc03b..d7f4c6087e3a9d8ab9d05552ae9e9671a84e2ba1 100644 (file)
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -244,12 +244,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
                 a.tlsext_tick.length= in->tlsext_ticklen;
                 a.tlsext_tick.type=V_ASN1_OCTET_STRING;
                 a.tlsext_tick.data=(unsigned char *)in->tlsext_tick;
-               /* If we have a ticket set session ID to empty because
-                * it will be bogus. If liftime hint is -1 treat as a special
-                * case because the session is being used as a container
-                */
-               if (in->tlsext_ticklen && (in->tlsext_tick_lifetime_hint != -1))
-                       a.session_id.length=0;
                 }
        if (in->tlsext_tick_lifetime_hint > 0)
                {
@@ -363,7 +357,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
                             long length)
        {
-       int version,ssl_version=0,i;
+       int ssl_version=0,i;
        long id;
        ASN1_INTEGER ai,*aip;
        ASN1_OCTET_STRING os,*osp;
@@ -377,7 +371,6 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
 
        ai.data=NULL; ai.length=0;
        M_ASN1_D2I_get_x(ASN1_INTEGER,aip,d2i_ASN1_INTEGER);
-       version=(int)ASN1_INTEGER_get(aip);
        if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
 
        /* we don't care about the version right now :-) */
@@ -400,7 +393,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
                        ((unsigned long)os.data[1]<< 8L)|
                         (unsigned long)os.data[2];
                }
-       else if ((ssl_version>>8) == SSL3_VERSION_MAJOR)
+       else if ((ssl_version>>8) >= SSL3_VERSION_MAJOR)
                {
                if (os.length != 2)
                        {
@@ -421,7 +414,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
        ret->cipher_id=id;
 
        M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING);
-       if ((ssl_version>>8) == SSL3_VERSION_MAJOR)
+       if ((ssl_version>>8) >= SSL3_VERSION_MAJOR)
                i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
        else /* if (ssl_version>>8 == SSL2_VERSION_MAJOR) */
                i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
@@ -579,26 +572,6 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
                ret->tlsext_ticklen = os.length;
                os.data = NULL;
                os.length = 0;
-               /* There are two ways to detect a resumed ticket sesion.
-                * One is to set a random session ID and then the server
-                * must return a match in ServerHello. This allows the normal
-                * client session ID matching to work and we know much 
-                * earlier that the ticket has been accepted.
-                * 
-                * The other way is to set zero length session ID when the
-                * ticket is presented and rely on the handshake to determine
-                * session resumption.
-                */ 
-               if (ret->session_id_length == 0)
-                       {
-                       EVP_Digest(ret->tlsext_tick, ret->tlsext_ticklen, 
-                                  ret->session_id, &ret->session_id_length,
-#ifndef OPENSSL_NO_SHA256
-                                       EVP_sha256(), NULL);
-#else
-                                       EVP_sha1(), NULL);
-#endif
-                       }
                }
        else
                ret->tlsext_tick=NULL;