From 081912943f951a49420b1f7d89288bab47f67500 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 19 Jan 2017 11:23:06 +0000 Subject: [PATCH] Use the correct session resumption mechanism Don't attempt to add a TLS1.3 session to a TLS1.2 ClientHello session ticket extensions. Similarly don't add a TLS1.2 session to a TLS1.3 psk extension. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2259) --- ssl/statem/extensions_clnt.c | 10 ++++++---- ssl/t1_lib.c | 2 +- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index 1e6eddf373..c17901a954 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -191,7 +191,8 @@ int tls_construct_ctos_session_ticket(SSL *s, WPACKET *pkt, X509 *x, return 1; if (!s->new_session && s->session != NULL - && s->session->ext.tick != NULL) { + && s->session->ext.tick != NULL + && s->session->ssl_version != TLS1_3_VERSION) { ticklen = s->session->ext.ticklen; } else if (s->session && s->ext.session_ticket != NULL && s->ext.session_ticket->data != NULL) { @@ -674,10 +675,11 @@ int tls_construct_ctos_psk(SSL *s, WPACKET *pkt, X509 *x, size_t chainidx, s->session->ext.tick_identity = TLSEXT_PSK_BAD_IDENTITY; /* - * If this is a new session then we have nothing to resume so don't add - * this extension. + * If this is an incompatible or new session then we have nothing to resume + * so don't add this extension. */ - if (s->session->ext.ticklen == 0) + if (s->session->ssl_version != TLS1_3_VERSION + || s->session->ext.ticklen == 0) return 1; /* diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 046b665c07..b0df32b406 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -954,7 +954,7 @@ int ssl_cipher_disabled(SSL *s, const SSL_CIPHER *c, int op) int tls_use_ticket(SSL *s) { - if ((s->options & SSL_OP_NO_TICKET) || SSL_IS_TLS13(s)) + if ((s->options & SSL_OP_NO_TICKET)) return 0; return ssl_security(s, SSL_SECOP_TICKET, 0, 0, NULL); } -- 2.25.1