If it is a new session don't send the old TLS ticket: send a zero length
authorDr. Stephen Henson <steve@openssl.org>
Sun, 8 Nov 2009 14:36:12 +0000 (14:36 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sun, 8 Nov 2009 14:36:12 +0000 (14:36 +0000)
ticket to request a new session.

ssl/t1_lib.c

index 401aa5e..db2bd6b 100644 (file)
@@ -365,7 +365,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
        if (!(SSL_get_options(s) & SSL_OP_NO_TICKET))
                {
                int ticklen;
-               if (s->session && s->session->tlsext_tick)
+               if (!s->new_session && s->session && s->session->tlsext_tick)
                        ticklen = s->session->tlsext_ticklen;
                else if (s->session && s->tlsext_session_ticket &&
                         s->tlsext_session_ticket->data)