From: Dr. Stephen Henson Date: Wed, 28 Oct 2009 19:52:35 +0000 (+0000) Subject: Don't attempt session resumption if no ticket is present and session X-Git-Tag: OpenSSL_1_0_0-beta4~20 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=257b2bfb6ce9b72e4803cac1ad25ae005a7827da;p=oweals%2Fopenssl.git Don't attempt session resumption if no ticket is present and session ID length is zero. --- diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index a62ffd5eb3..9322f629ce 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -618,9 +618,15 @@ int ssl3_client_hello(SSL *s) buf=(unsigned char *)s->init_buf->data; if (s->state == SSL3_ST_CW_CLNT_HELLO_A) { - if ((s->session == NULL) || - (s->session->ssl_version != s->version) || - (s->session->not_resumable)) + SSL_SESSION *sess = s->session; + if ((sess == NULL) || + (sess->ssl_version != s->version) || +#ifdef OPENSSL_NO_TLSEXT + !sess->session_id_length || +#else + (!sess->session_id_length && !sess->tlsext_tick) || +#endif + (sess->not_resumable)) { if (!ssl_get_new_session(s,0)) goto err;