projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f097e87)
Send a NewSessionTicket after using an external PSK
authorMatt Caswell <matt@openssl.org>
Fri, 24 Aug 2018 15:16:28 +0000 (16:16 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 4 Sep 2018 10:22:26 +0000 (11:22 +0100)
Treat a connection using an external PSK like we would a resumption and
send a single NewSessionTicket afterwards.

Fixes #6941

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7097)

ssl/statem/extensions_srvr.c patch | blob | history

diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 295d3e7ee555b50c9f4d01188666793b21be7eb8..0f2b22392bcafa171b386b449864eab8e96e597a 100644 (file)
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -1160,6 +1160,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
             ext = 1;
             if (id == 0)
                 s->ext.early_data_ok = 1;
+            s->ext.ticket_expected = 1;
         } else {
             uint32_t ticket_age = 0, now, agesec, agems;
             int ret;
@@ -1235,6 +1236,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
             SSL_SESSION_free(sess);
             sess = NULL;
             s->ext.early_data_ok = 0;
+            s->ext.ticket_expected = 0;
             continue;
         }
         break;
Unnamed repository; edit this file 'description' to name the repository.