From: Emilia Kasper Date: Wed, 19 Nov 2014 14:42:43 +0000 (+0100) Subject: Reset s->tlsext_ticket_expected in ssl_scan_serverhello_tlsext. X-Git-Tag: OpenSSL_1_0_1k~94 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=e2f69f5ce7aa36d98e3b24c2afe8be561226659c;p=oweals%2Fopenssl.git Reset s->tlsext_ticket_expected in ssl_scan_serverhello_tlsext. This ensures that it's zeroed even if the SSL object is reused (as in ssltest.c). It also ensures that it applies to DTLS, too. Reviewed-by: Matt Caswell (cherry picked from commit a06cd5d056c6a5b1d161786873e21a5e53d554d8)
---
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 403b684205..4b86f17419 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -226,14 +226,6 @@ int ssl3_connect(SSL *s)
 s->renegotiate=1;
 s->state=SSL_ST_CONNECT;
 s->ctx->stats.sess_connect_renegotiate++;
-#ifndef OPENSSL_NO_TLSEXT
- /*
- * If renegotiating, the server may choose to not issue
- * a new ticket, so reset the flag. It will be set to
- * the right value when parsing ServerHello extensions.
- */
- s->tlsext_ticket_expected = 0;
-#endif
 /* break */
 case SSL_ST_BEFORE:
 case SSL_ST_CONNECT:
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index f5728c28d9..c7032f717d 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1513,6 +1513,7 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 #ifndef OPENSSL_NO_NEXTPROTONEG
 s->s3->next_proto_neg_seen = 0;
 #endif
+ s->tlsext_ticket_expected = 0;
 #ifndef OPENSSL_NO_HEARTBEATS
 s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |