diff options
| author | Matt Caswell <matt@openssl.org> | 2015-11-30 13:29:41 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2015-12-27 22:02:33 +0000 |
| commit | 0ac6239955965f58f9dddb4229e8cd58e0dba20d (patch) | |
| tree | bceafdb100318bbf65625fd695ac8331eadc92bd | |
| parent | 905943af3b43116b64ae815db1a6b9c2f15e0356 (diff) | |
Ensure we don't call the OCSP callback if resuming a session
It makes no sense to call the OCSP status callback if we are resuming a
session because no certificates will be sent.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
| -rw-r--r-- | ssl/t1_lib.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 24713194e8..d9ba99d735 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -3165,7 +3165,7 @@ int ssl_check_serverhello_tlsext(SSL *s) * callback */ if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected) - && s->ctx && s->ctx->tlsext_status_cb) { + && !(s->hit) && s->ctx && s->ctx->tlsext_status_cb) { int r; /* * Call callback with resp == NULL and resplen == -1 so callback |