Change the default number of NewSessionTickets we send to 2

Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5227)
author: Matt Caswell <matt@openssl.org> 2018-03-14 19:22:48 +0000
committer: Matt Caswell <matt@openssl.org> 2018-05-17 16:48:25 +0100
commit: 36ff232cf2bf5dfcaf9e60a8c492439428a243bb (patch)
tree: 8e2dfdd9d77088c4ce0245708b9c906daced0e2f /ssl/statem/statem_srvr.c
parent: 394159da608f625b60f07c59e36dc7d01df3a709 (diff)
1 files changed, 15 insertions, 8 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index dfeba173a7..ce8cec185a 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -507,6 +507,9 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
         /* Fall through */
 
     case TLS_ST_SW_KEY_UPDATE:
+        st->hand_state = TLS_ST_OK;
+        return WRITE_TRAN_CONTINUE;
+
     case TLS_ST_SW_SESSION_TICKET:
         /* In a resumption we only ever send a maximum of one new ticket.
          * Following an initial handshake we send the number of tickets we have
@@ -708,7 +711,7 @@ WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE wst)
         return WORK_FINISHED_CONTINUE;
 
     case TLS_ST_SW_SESSION_TICKET:
-        if (SSL_IS_TLS13(s)) {
+        if (SSL_IS_TLS13(s) && s->sent_tickets == 0) {
             /*
              * Actually this is the end of the handshake, but we're going
              * straight into writing the session ticket out. So we finish off
@@ -3687,12 +3690,16 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
     sk = NULL;
 
     /* Save the current hash state for when we receive the CertificateVerify */
-    if (SSL_IS_TLS13(s)
-            && !ssl_handshake_hash(s, s->cert_verify_hash,
-                                   sizeof(s->cert_verify_hash),
-                                   &s->cert_verify_hash_len)) {
-        /* SSLfatal() already called */
-        goto err;
+    if (SSL_IS_TLS13(s)) {
+        if (!ssl_handshake_hash(s, s->cert_verify_hash,
+                                sizeof(s->cert_verify_hash),
+                                &s->cert_verify_hash_len)) {
+            /* SSLfatal() already called */
+            goto err;
+        }
+
+        /* Resend session tickets */
+        s->sent_tickets = 0;
     }
 
     ret = MSG_PROCESS_CONTINUE_READING;
@@ -3989,7 +3996,6 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
         goto err;
     }
     if (SSL_IS_TLS13(s)) {
-        ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
         if (!tls_construct_extensions(s, pkt,
                                       SSL_EXT_TLS1_3_NEW_SESSION_TICKET,
                                       NULL, 0)) {
@@ -3997,6 +4003,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
             goto err;
         }
         s->sent_tickets++;
+        ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
     }
     EVP_CIPHER_CTX_free(ctx);
     HMAC_CTX_free(hctx);
author	Matt Caswell <matt@openssl.org>	2018-03-14 19:22:48 +0000
committer	Matt Caswell <matt@openssl.org>	2018-05-17 16:48:25 +0100
commit	36ff232cf2bf5dfcaf9e60a8c492439428a243bb (patch)
tree	8e2dfdd9d77088c4ce0245708b9c906daced0e2f /ssl/statem/statem_srvr.c
parent	394159da608f625b60f07c59e36dc7d01df3a709 (diff)