From 5f26ddff7ee2914782e312621023e10af356de18 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Mon, 16 Jul 2018 16:57:36 +0100
Subject: [PATCH] Always issue new tickets when using TLSv1.3 stateful tickets

Previously we were failing to issue new tickets if a resumption attempt
failed.

Fixes #6654

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6722)
---
 ssl/statem/extensions_srvr.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index ab38a4f11e..f5ab5bb840 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -1014,6 +1014,8 @@ static SSL_TICKET_STATUS tls_get_stateful_ticket(SSL *s, PACKET *tick,
 {
     SSL_SESSION *tmpsess = NULL;
 
+    s->ext.ticket_expected = 1;
+
     switch (PACKET_remaining(tick)) {
         case 0:
             return SSL_TICKET_EMPTY;
@@ -1031,7 +1033,6 @@ static SSL_TICKET_STATUS tls_get_stateful_ticket(SSL *s, PACKET *tick,
     if (tmpsess == NULL)
         return SSL_TICKET_NO_DECRYPT;
 
-    s->ext.ticket_expected = 1;
     *sess = tmpsess;
     return SSL_TICKET_SUCCESS;
 }
-- 
2.34.1