Don't attempt session resumption if no ticket is present and session
authorDr. Stephen Henson <steve@openssl.org>
Wed, 28 Oct 2009 19:52:35 +0000 (19:52 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 28 Oct 2009 19:52:35 +0000 (19:52 +0000)
ID length is zero.

ssl/s3_clnt.c

index a62ffd5eb3dd2c677330de3fb9fb60b8a2f9492d..9322f629ce6a864ce34716d26313c8b8b7171e6a 100644 (file)
@@ -618,9 +618,15 @@ int ssl3_client_hello(SSL *s)
        buf=(unsigned char *)s->init_buf->data;
        if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
                {
-               if ((s->session == NULL) ||
-                       (s->session->ssl_version != s->version) ||
-                       (s->session->not_resumable))
+               SSL_SESSION *sess = s->session;
+               if ((sess == NULL) ||
+                       (sess->ssl_version != s->version) ||
+#ifdef OPENSSL_NO_TLSEXT
+                       !sess->session_id_length ||
+#else
+                       (!sess->session_id_length && !sess->tlsext_tick) ||
+#endif
+                       (sess->not_resumable))
                        {
                        if (!ssl_get_new_session(s,0))
                                goto err;