Remove ssl3_check_finished.

The client sends a session ID with the session ticket, and uses the returned ID to detect resumption, so we do not need to peek at handshake messages: s->hit tells us explicitly if we're resuming. An equivalent change was independently made in BoringSSL, see commit 407886f589cf2dbaed82db0a44173036c3bc3317. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 980bc1ec6114f5511b20c2e6ca741e61a39b99d6) Conflicts: ssl/d1_clnt.c ssl/s3_clnt.c
author: Emilia Kasper <emilia@openssl.org> 2014-11-19 16:28:11 +0100
committer: Emilia Kasper <emilia@openssl.org> 2014-11-20 15:26:26 +0100
commit: b8712b2b9a51d65127606fd25cb549d93406b7a0 (patch)
tree: 8e5922facb1cef0deaacb9cc68f651b501b053b7 /ssl/d1_clnt.c
parent: 1eaccbef5787a746305a99ad9b66cf2105344e87 (diff)
1 files changed, 0 insertions, 14 deletions
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index fd6562c114..00e14b53c7 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -370,20 +370,6 @@ int dtls1_connect(SSL *s)
 
 		case SSL3_ST_CR_CERT_A:
 		case SSL3_ST_CR_CERT_B:
-#ifndef OPENSSL_NO_TLSEXT
-			ret=ssl3_check_finished(s);
-			if (ret <= 0) goto end;
-			if (ret == 2)
-				{
-				s->hit = 1;
-				if (s->tlsext_ticket_expected)
-					s->state=SSL3_ST_CR_SESSION_TICKET_A;
-				else
-					s->state=SSL3_ST_CR_FINISHED_A;
-				s->init_num=0;
-				break;
-				}
-#endif
 			/* Check if it is anon DH or PSK */
 			if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
 			    !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
author	Emilia Kasper <emilia@openssl.org>	2014-11-19 16:28:11 +0100
committer	Emilia Kasper <emilia@openssl.org>	2014-11-20 15:26:26 +0100
commit	b8712b2b9a51d65127606fd25cb549d93406b7a0 (patch)
tree	8e5922facb1cef0deaacb9cc68f651b501b053b7 /ssl/d1_clnt.c
parent	1eaccbef5787a746305a99ad9b66cf2105344e87 (diff)