Always require an advertised NewSessionTicket message.

author Emilia Kasper <emilia@openssl.org>

Wed, 19 Nov 2014 15:40:27 +0000 (16:40 +0100)

committer Emilia Kasper <emilia@openssl.org>

Thu, 20 Nov 2014 13:57:15 +0000 (14:57 +0100)
author Emilia Kasper <emilia@openssl.org>
Wed, 19 Nov 2014 15:40:27 +0000 (16:40 +0100)
committer Emilia Kasper <emilia@openssl.org>
Thu, 20 Nov 2014 13:57:15 +0000 (14:57 +0100)
diff --git a/CHANGES b/CHANGES

index d90febcd514fb1fe8c5e5f4197fb17bbbc623921..0d9bd505c3ce56f8f0d79d54da6f57efabd5e315 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -310,6 +310,10 @@
        the extension anew in the ServerHello. Previously, a TLS client would
        reuse the old extension state and thus accept a session ticket if one was
        announced in the initial ServerHello.
        the extension anew in the ServerHello. Previously, a TLS client would
        reuse the old extension state and thus accept a session ticket if one was
        announced in the initial ServerHello.
+
+      Similarly, ensure that the client requires a session ticket if one
+      was advertised in the ServerHello. Previously, a TLS client would
+      ignore a missing NewSessionTicket message.
        [Emilia Käsper]
  
    *) Accelerated NIST P-256 elliptic curve implementation for x86_64
        [Emilia Käsper]
  
    *) Accelerated NIST P-256 elliptic curve implementation for x86_64
@@ -639,6 +643,10 @@
        the extension anew in the ServerHello. Previously, a TLS client would
        reuse the old extension state and thus accept a session ticket if one was
        announced in the initial ServerHello.
        the extension anew in the ServerHello. Previously, a TLS client would
        reuse the old extension state and thus accept a session ticket if one was
        announced in the initial ServerHello.
+
+      Similarly, ensure that the client requires a session ticket if one
+      was advertised in the ServerHello. Previously, a TLS client would
+      ignore a missing NewSessionTicket message.
        [Emilia Käsper]
  
   Changes between 1.0.1i and 1.0.1j [15 Oct 2014]
        [Emilia Käsper]
  
   Changes between 1.0.1i and 1.0.1j [15 Oct 2014]
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c

index d5e79dfbe94b1b944eb9218c63ad07d6af9a8f2b..64439c164a1b066ed18cab65967d87a3119af09b 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -2288,24 +2288,13 @@ int ssl3_get_new_session_ticket(SSL *s)
         n=s->method->ssl_get_message(s,
                 SSL3_ST_CR_SESSION_TICKET_A,
                 SSL3_ST_CR_SESSION_TICKET_B,
         n=s->method->ssl_get_message(s,
                 SSL3_ST_CR_SESSION_TICKET_A,
                 SSL3_ST_CR_SESSION_TICKET_B,
-               -1,
+               SSL3_MT_NEWSESSION_TICKET,
                 16384,
                 &ok);
  
         if (!ok)
                 return((int)n);
  
                 16384,
                 &ok);
  
         if (!ok)
                 return((int)n);
  
-       if (s->s3->tmp.message_type == SSL3_MT_FINISHED)
-               {
-               s->s3->tmp.reuse_message=1;
-               return(1);
-               }
-       if (s->s3->tmp.message_type != SSL3_MT_NEWSESSION_TICKET)
-               {
-               al=SSL_AD_UNEXPECTED_MESSAGE;
-               SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,SSL_R_BAD_MESSAGE_TYPE);
-               goto f_err;
-               }
         if (n < 6)
                 {
                 /* need at least ticket_lifetime_hint + ticket length */
         if (n < 6)
                 {
                 /* need at least ticket_lifetime_hint + ticket length */
author	Emilia Kasper <emilia@openssl.org>
	Wed, 19 Nov 2014 15:40:27 +0000 (16:40 +0100)
committer	Emilia Kasper <emilia@openssl.org>
	Thu, 20 Nov 2014 13:57:15 +0000 (14:57 +0100)
CHANGES		patch \| blob \| history
ssl/s3_clnt.c		patch \| blob \| history