des/des_locl.h: clean up unused/irrelevant macros.

[openssl.git] / ssl / ssl_sess.c

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index c0fc8b356c2e56d4dd327a4c629db328e5f82ff3..be3c4c35262c011c0e9aba220f476f507853ef00 100644 (file)
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -458,7 +458,7 @@ int ssl_get_new_session(SSL *s, int session)
  *   - Both for new and resumed sessions, s->ext.ticket_expected is set to 1
  *     if the server should issue a new session ticket (to 0 otherwise).
  */
-int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
+int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello, int *al)
 {
     /* This is used only by servers. */
 
@@ -468,10 +468,10 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
     TICKET_RETURN r;
 
     if (SSL_IS_TLS13(s)) {
-        int al;
-
-        if (!tls_parse_extension(s, TLSEXT_IDX_psk, EXT_CLIENT_HELLO,
-                                 hello->pre_proc_exts, NULL, 0, &al))
+        if (!tls_parse_extension(s, TLSEXT_IDX_psk_kex_modes, EXT_CLIENT_HELLO,
+                                 hello->pre_proc_exts, NULL, 0, al)
+                || !tls_parse_extension(s, TLSEXT_IDX_psk, EXT_CLIENT_HELLO,
+                                        hello->pre_proc_exts, NULL, 0, al))
             return -1;
 
         ret = s->session;
@@ -480,15 +480,15 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
         r = tls_get_ticket_from_client(s, hello, &ret);
         switch (r) {
         case TICKET_FATAL_ERR_MALLOC:
-        case TICKET_FATAL_ERR_OTHER: /* Error during processing */
+        case TICKET_FATAL_ERR_OTHER:
             fatal = 1;
             goto err;
-        case TICKET_NONE:            /* No ticket found */
-        case TICKET_EMPTY:           /* Zero length ticket found */
+        case TICKET_NONE:
+        case TICKET_EMPTY:
             try_session_cache = 1;
-            break;                   /* Ok to carry on processing session id. */
-        case TICKET_NO_DECRYPT:      /* Ticket found but not decrypted. */
-        case TICKET_SUCCESS:         /* Ticket decrypted, *ret has been set. */
+            break;
+        case TICKET_NO_DECRYPT:
+        case TICKET_SUCCESS:
         case TICKET_SUCCESS_RENEW:
             break;
         }
@@ -501,7 +501,6 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
         SSL_SESSION data;
 
         data.ssl_version = s->version;
-        memset(data.session_id, 0, sizeof(data.session_id));
         memcpy(data.session_id, hello->session_id, hello->session_id_len);
         data.session_id_length = hello->session_id_len;
 
@@ -637,10 +636,12 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello)
             s->ext.ticket_expected = 1;
         }
     }
-    if (fatal)
+    if (fatal) {
+        *al = SSL_AD_INTERNAL_ERROR;
         return -1;
-    else
-        return 0;
+    }
+
+    return 0;
 }
 
 int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)