Retry callback only after ClientHello received.

[openssl.git] / ssl / ssl_sess.c

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 9e8f2e4eced2a7911e3fd046e9b52b4c4f12e097..73d87fd6c1a3c3088606370d04e04d1473b2fb62 100644 (file)
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -328,6 +328,11 @@ int ssl_get_new_session(SSL *s, int session)
                        ss->ssl_version=DTLS1_VERSION;
                        ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
                        }
+               else if (s->version == DTLS1_2_VERSION)
+                       {
+                       ss->ssl_version=DTLS1_2_VERSION;
+                       ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+                       }
                else
                        {
                        SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
@@ -589,12 +594,14 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
        if (ret != NULL)
                {
                SSL_SESSION_free(ret);
+#ifndef OPENSSL_NO_TLSEXT
                if (!try_session_cache)
                        {
                        /* The session was from a ticket, so we should
                         * issue a ticket for the new session */
                        s->tlsext_ticket_expected = 1;
                        }
+#endif
                }
        if (fatal)
                return -1;