From e3738c49b8cb59e80079b8c6be13cb8afaf843f8 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 8 Nov 2009 14:36:32 +0000 Subject: [PATCH] If it is a new session don't send the old TLS ticket: send a zero length ticket to request a new session. --- ssl/t1_lib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 401aa5e4ce..db2bd6b6a8 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -365,7 +365,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) { int ticklen; - if (s->session && s->session->tlsext_tick) + if (!s->new_session && s->session && s->session->tlsext_tick) ticklen = s->session->tlsext_ticklen; else if (s->session && s->tlsext_session_ticket && s->tlsext_session_ticket->data) -- 2.25.1