From 3348fc7e8940b66ab4545a618ba87a63fb677a79 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 21 Mar 2017 13:48:52 +0000 Subject: [PATCH] Remove TLS1.3 TODO around testing for session id length TLSv1.3 will do the same thing as TLSv1.2 with tickets with regards to session ids, i.e. it will create a synthetic session id when the session is established, so it is reasonable to check the session id length, even in TLSv1.3. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3008) --- ssl/statem/statem_clnt.c | 1 - 1 file changed, 1 deletion(-) diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 8c4c83954d..a580431aa1 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2442,7 +2442,6 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt) if (ticklen == 0) return MSG_PROCESS_CONTINUE_READING; - /* TODO(TLS1.3): Is this a suitable test for TLS1.3? */ if (s->session->session_id_length > 0) { int i = s->session_ctx->session_cache_mode; SSL_SESSION *new_sess; -- 2.25.1