Tolerate a zero length ticket nonce

TLSv1.3 draft-21 requires the ticket nonce to be at least 1 byte in length. However NSS sends a zero length nonce. This is actually ok because the next draft will allow zero length nonces anyway, so we should tolerate this. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3957)
author: Matt Caswell <matt@openssl.org> 2017-07-18 16:11:20 +0100
committer: Matt Caswell <matt@openssl.org> 2017-07-18 16:59:37 +0100
commit: 00848ea842f911dac4e10bb39a08bb4b6de9e66a (patch)
tree: b926435776b9b12e8992be820d7aa361bff1a278 /ssl/statem/statem_clnt.c
parent: 6b84e6bf19f5afad338f22a1a6d71a75d2d95fbf (diff)
1 files changed, 0 insertions, 1 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index ed9bd5c209..cef0df8591 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2429,7 +2429,6 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt)
         || (SSL_IS_TLS13(s)
             && (!PACKET_get_net_4(pkt, &age_add)
                 || !PACKET_get_length_prefixed_1(pkt, &nonce)
-                || PACKET_remaining(&nonce) == 0
                 || !PACKET_memdup(&nonce, &s->session->ext.tick_nonce,
                                   &s->session->ext.tick_nonce_len)))
         || !PACKET_get_net_2(pkt, &ticklen)
author	Matt Caswell <matt@openssl.org>	2017-07-18 16:11:20 +0100
committer	Matt Caswell <matt@openssl.org>	2017-07-18 16:59:37 +0100
commit	00848ea842f911dac4e10bb39a08bb4b6de9e66a (patch)
tree	b926435776b9b12e8992be820d7aa361bff1a278 /ssl/statem/statem_clnt.c
parent	6b84e6bf19f5afad338f22a1a6d71a75d2d95fbf (diff)