Generate stateless session ID just after the ticket is received instead

[openssl.git] / ssl / ssl_asn1.c

diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 93311eadf6d5f7d5c051b593f051c99b8e653c10..e484a2992ddf6cf682c4f4db3387979a1e9ddec6 100644 (file)
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -244,12 +244,6 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
                 a.tlsext_tick.length= in->tlsext_ticklen;
                 a.tlsext_tick.type=V_ASN1_OCTET_STRING;
                 a.tlsext_tick.data=(unsigned char *)in->tlsext_tick;
-               /* If we have a ticket set session ID to empty because
-                * it will be bogus. If liftime hint is -1 treat as a special
-                * case because the session is being used as a container
-                */
-               if (in->tlsext_ticklen && (in->tlsext_tick_lifetime_hint != -1))
-                       a.session_id.length=0;
                 }
        if (in->tlsext_tick_lifetime_hint > 0)
                {
@@ -579,19 +573,6 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
                ret->tlsext_ticklen = os.length;
                os.data = NULL;
                os.length = 0;
-#if 0
-               /* There are two ways to detect a resumed ticket sesion.
-                * One is to set a random session ID and then the server
-                * must return a match in ServerHello. This allows the normal
-                * client session ID matching to work.
-                */ 
-               if (ret->session_id_length == 0)
-                       {
-                       ret->session_id_length=SSL3_MAX_SSL_SESSION_ID_LENGTH;
-                       RAND_pseudo_bytes(ret->session_id,
-                                               ret->session_id_length);
-                       }
-#endif
                }
        else
                ret->tlsext_tick=NULL;