From: Dr. Stephen Henson Date: Sun, 8 Nov 2009 14:36:12 +0000 (+0000) Subject: If it is a new session don't send the old TLS ticket: send a zero length X-Git-Tag: OpenSSL-fips-2_0-rc1~1457 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=7ba3838a4bfcf6728895ebc1e625f99ef5506999;hp=4398222457637c0b26b71c524cac41b53c89d32c If it is a new session don't send the old TLS ticket: send a zero length ticket to request a new session. --- diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 401aa5e4ce..db2bd6b6a8 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -365,7 +365,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) { int ticklen; - if (s->session && s->session->tlsext_tick) + if (!s->new_session && s->session && s->session->tlsext_tick) ticklen = s->session->tlsext_ticklen; else if (s->session && s->tlsext_session_ticket && s->tlsext_session_ticket->data)