From d26c905c6754d137dd9caf69d85af4e049d40543 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 29 Apr 2008 16:44:51 +0000 Subject: [PATCH] Update from stable branch. --- ssl/s3_srvr.c | 22 +++++++++++++++++----- ssl/t1_lib.c | 4 +++- 2 files changed, 20 insertions(+), 6 deletions(-) diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 2ff4bc7ebd..dee1f73cde 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -314,9 +314,18 @@ int ssl3_accept(SSL *s) case SSL3_ST_SW_SRVR_HELLO_B: ret=ssl3_send_server_hello(s); if (ret <= 0) goto end; - +#ifndef OPENSSL_NO_TLSEXT if (s->hit) - s->state=SSL3_ST_SW_CHANGE_A; + { + if (s->tlsext_ticket_expected) + s->state=SSL3_ST_SW_SESSION_TICKET_A; + else + s->state=SSL3_ST_SW_CHANGE_A; + } +#else + if (s->hit) + s->state=SSL3_ST_SW_CHANGE_A; +#endif else s->state=SSL3_ST_SW_CERT_A; s->init_num=0; @@ -548,11 +557,14 @@ int ssl3_accept(SSL *s) ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A, SSL3_ST_SR_FINISHED_B); if (ret <= 0) goto end; - if (s->hit) - s->state=SSL_ST_OK; #ifndef OPENSSL_NO_TLSEXT - else if (s->tlsext_ticket_expected) + if (s->tlsext_ticket_expected) s->state=SSL3_ST_SW_SESSION_TICKET_A; + else if (s->hit) + s->state=SSL_ST_OK; +#else + if (s->hit) + s->state=SSL_ST_OK; #endif else s->state=SSL3_ST_SW_CHANGE_A; diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 39629c273c..16c4f08e78 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1501,7 +1501,9 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, memcpy(sess->session_id, sess_id, sesslen); sess->session_id_length = sesslen; *psess = sess; - s->tlsext_ticket_expected = 0; + /*** TEST ***/ + s->tlsext_ticket_expected = 1; + /*s->tlsext_ticket_expected = 0;*/ return 1; } /* If session decrypt failure indicate a cache miss and set state to -- 2.25.1