diff options
author | Emilia Kasper <emilia@openssl.org> | 2014-11-19 16:28:11 +0100 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2014-11-20 15:26:26 +0100 |
commit | b8712b2b9a51d65127606fd25cb549d93406b7a0 (patch) | |
tree | 8e5922facb1cef0deaacb9cc68f651b501b053b7 /ssl/d1_clnt.c | |
parent | 1eaccbef5787a746305a99ad9b66cf2105344e87 (diff) |
Remove ssl3_check_finished.
The client sends a session ID with the session ticket, and uses
the returned ID to detect resumption, so we do not need to peek
at handshake messages: s->hit tells us explicitly if we're resuming.
An equivalent change was independently made in BoringSSL, see commit
407886f589cf2dbaed82db0a44173036c3bc3317.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 980bc1ec6114f5511b20c2e6ca741e61a39b99d6)
Conflicts:
ssl/d1_clnt.c
ssl/s3_clnt.c
Diffstat (limited to 'ssl/d1_clnt.c')
-rw-r--r-- | ssl/d1_clnt.c | 14 |
1 files changed, 0 insertions, 14 deletions
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index fd6562c114..00e14b53c7 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -370,20 +370,6 @@ int dtls1_connect(SSL *s) case SSL3_ST_CR_CERT_A: case SSL3_ST_CR_CERT_B: -#ifndef OPENSSL_NO_TLSEXT - ret=ssl3_check_finished(s); - if (ret <= 0) goto end; - if (ret == 2) - { - s->hit = 1; - if (s->tlsext_ticket_expected) - s->state=SSL3_ST_CR_SESSION_TICKET_A; - else - s->state=SSL3_ST_CR_FINISHED_A; - s->init_num=0; - break; - } -#endif /* Check if it is anon DH or PSK */ if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) |