Fix empty NewSessionTicket processing
authorMatt Caswell <matt@openssl.org>
Thu, 22 Oct 2015 14:02:14 +0000 (15:02 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 30 Oct 2015 08:39:47 +0000 (08:39 +0000)
Rebasing the state machine code introduced a problem with empty
NewSessionTicket processing. The return value from the
tls_process_new_session_ticket() is supposed to be an enum, but a bare
integer was being used. Unfortunately this is valid C so the compiler
doesn't pick it up.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
ssl/statem/statem_clnt.c

index dbba36bc9e54c4c50e4dce344efc6278b9df564f..d0c6b1292ede75cc3ca383185aae392e73a0280b 100644 (file)
@@ -2184,7 +2184,7 @@ enum MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt)
 
     /* Server is allowed to change its mind and send an empty ticket. */
     if (ticklen == 0)
-        return 1;
+        return MSG_PROCESS_CONTINUE_READING;
 
     if (s->session->session_id_length > 0) {
         int i = s->session_ctx->session_cache_mode;