Don't attempt session resumption if no ticket is present and session

author Dr. Stephen Henson <steve@openssl.org>

Wed, 28 Oct 2009 19:52:35 +0000 (19:52 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Wed, 28 Oct 2009 19:52:35 +0000 (19:52 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Wed, 28 Oct 2009 19:52:35 +0000 (19:52 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Wed, 28 Oct 2009 19:52:35 +0000 (19:52 +0000)
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c

index a62ffd5eb3dd2c677330de3fb9fb60b8a2f9492d..9322f629ce6a864ce34716d26313c8b8b7171e6a 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -618,9 +618,15 @@ int ssl3_client_hello(SSL *s)
         buf=(unsigned char *)s->init_buf->data;
         if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
                 {
         buf=(unsigned char *)s->init_buf->data;
         if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
                 {
-               if ((s->session == NULL) ||
-                       (s->session->ssl_version != s->version) ||
-                       (s->session->not_resumable))
+               SSL_SESSION *sess = s->session;
+               if ((sess == NULL) ||
+                       (sess->ssl_version != s->version) ||
+#ifdef OPENSSL_NO_TLSEXT
+                       !sess->session_id_length ||
+#else
+                       (!sess->session_id_length && !sess->tlsext_tick) ||
+#endif
+                       (sess->not_resumable))
                         {
                         if (!ssl_get_new_session(s,0))
                                 goto err;
                         {
                         if (!ssl_get_new_session(s,0))
                                 goto err;
author	Dr. Stephen Henson <steve@openssl.org>
	Wed, 28 Oct 2009 19:52:35 +0000 (19:52 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Wed, 28 Oct 2009 19:52:35 +0000 (19:52 +0000)