+ return ret;
+}
+
+/*-
+ * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
+ * connection. It is only called by servers.
+ *
+ * hello: The parsed ClientHello data
+ *
+ * Returns:
+ * -1: fatal error
+ * 0: no session found
+ * 1: a session may have been found.
+ *
+ * Side effects:
+ * - If a session is found then s->session is pointed at it (after freeing an
+ * existing session if need be) and s->verify_result is set from the session.
+ * - Both for new and resumed sessions, s->ext.ticket_expected is set to 1
+ * if the server should issue a new session ticket (to 0 otherwise).
+ */
+int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
+{
+ /* This is used only by servers. */
+
+ SSL_SESSION *ret = NULL;
+ int fatal = 0;
+ int try_session_cache = 0;
+ SSL_TICKET_STATUS r;
+
+ if (SSL_IS_TLS13(s)) {
+ /*
+ * By default we will send a new ticket. This can be overridden in the
+ * ticket processing.
+ */
+ s->ext.ticket_expected = 1;
+ if (!tls_parse_extension(s, TLSEXT_IDX_psk_kex_modes,
+ SSL_EXT_CLIENT_HELLO, hello->pre_proc_exts,
+ NULL, 0)
+ || !tls_parse_extension(s, TLSEXT_IDX_psk, SSL_EXT_CLIENT_HELLO,
+ hello->pre_proc_exts, NULL, 0))
+ return -1;
+
+ ret = s->session;
+ } else {
+ /* sets s->ext.ticket_expected */
+ r = tls_get_ticket_from_client(s, hello, &ret);
+ switch (r) {
+ case SSL_TICKET_FATAL_ERR_MALLOC:
+ case SSL_TICKET_FATAL_ERR_OTHER:
+ fatal = 1;
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_GET_PREV_SESSION,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ case SSL_TICKET_NONE:
+ case SSL_TICKET_EMPTY:
+ if (hello->session_id_len > 0) {
+ try_session_cache = 1;
+ ret = lookup_sess_in_cache(s, hello->session_id,
+ hello->session_id_len);
+ }
+ break;
+ case SSL_TICKET_NO_DECRYPT:
+ case SSL_TICKET_SUCCESS:
+ case SSL_TICKET_SUCCESS_RENEW:
+ break;
+ }
+ }
+