X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fstatem%2Fextensions_clnt.c;h=738ab6b054a6014f868fd9de2622b59996e46465;hp=8c663320e1503b3931f45dcb9da4713c98cb55b8;hb=1f5b44e943d911c3d0bf1445a6dab60798a66408;hpb=1053a6e2281d81cd5d04d2d90da2c4905c9c3561

diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 8c663320e1..738ab6b054 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -191,7 +191,8 @@ int tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt, X509 *x,
         return 1;
 
     if (!s->new_session && s->session != NULL
-            && s->session->ext.tick != NULL) {
+            && s->session->ext.tick != NULL
+            && s->session->ssl_version != TLS1_3_VERSION) {
         ticklen = s->session->ext.ticklen;
     } else if (s->session && s->ext.session_ticket != NULL
                && s->ext.session_ticket->data != NULL) {
@@ -516,6 +517,8 @@ int tls_construct_ctos_psk_kex_modes(SSL *s, WPACKET *pkt, X509 *x,
         SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES, ERR_R_INTERNAL_ERROR);
         return 0;
     }
+
+    s->ext.psk_kex_mode = TLSEXT_KEX_MODE_FLAG_KE | TLSEXT_KEX_MODE_FLAG_KE_DHE;
 #endif
 
     return 1;
@@ -672,11 +675,18 @@ int tls_construct_ctos_psk(SSL *s, WPACKET *pkt, X509 *x, size_t chainidx,
     s->session->ext.tick_identity = TLSEXT_PSK_BAD_IDENTITY;
 
     /*
-     * If this is a new session then we have nothing to resume so don't add
-     * this extension.
+     * If this is an incompatible or new session then we have nothing to resume
+     * so don't add this extension.
      */
-    if (s->session->ext.ticklen == 0)
+    if (s->session->ssl_version != TLS1_3_VERSION
+            || s->session->ext.ticklen == 0)
+        return 1;
+
+    md = ssl_md(s->session->cipher->algorithm2);
+    if (md == NULL) {
+        /* Don't recognise this cipher so we can't use the session. Ignore it */
         return 1;
+    }
 
     /*
      * Technically the C standard just says time() returns a time_t and says
@@ -713,10 +723,9 @@ int tls_construct_ctos_psk(SSL *s, WPACKET *pkt, X509 *x, size_t chainidx,
      */
     agems += s->session->ext.tick_age_add;
 
-    md = ssl_cipher_get_handshake_md(s->session->cipher_id);
-    if (md == NULL) {
-        /* Don't recognise this cipher so we can't use the session. Ignore it */
-        return 1;
+    if (s->session->cipher == NULL) {
+        SSLerr(SSL_F_TLS_CONSTRUCT_CTOS_PSK, ERR_R_INTERNAL_ERROR);
+        goto err;
     }
 
     hashsize = EVP_MD_size(md);