Rework the decrypt ticket callback

Don't call the decrypt ticket callback if we've already encountered a fatal error. Do call it if we have an empty ticket present. Change the return code to have 5 distinct returns codes and separate it from the input status value. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6198)
author: Matt Caswell <matt@openssl.org> 2018-05-09 18:22:36 +0100
committer: Matt Caswell <matt@openssl.org> 2018-05-11 14:51:09 +0100
commit: 61fb59238dad6452a37ec14513fae617a4faef29 (patch)
tree: 5737eeba510f7a64792d3ac007f794d62a2dcb8a /ssl/statem/statem_srvr.c
parent: c20e3b282c26205f39a89a23664245475d4d7cbc (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 3f56ff1389..22786bed13 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -489,10 +489,10 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
         st->hand_state = TLS_ST_SW_SESSION_TICKET;
         if (s->post_handshake_auth == SSL_PHA_REQUESTED) {
             s->post_handshake_auth = SSL_PHA_EXT_RECEIVED;
-        } else if (s->hit && !s->ext.ticket_expected) {
+        } else if (!s->ext.ticket_expected) {
             /*
-             * If we resumed and we're not going to renew the ticket then we
-             * just finish the handshake at this point.
+             * If we're not going to renew the ticket then we just finish the
+             * handshake at this point.
              */
             st->hand_state = TLS_ST_OK;
         }
author	Matt Caswell <matt@openssl.org>	2018-05-09 18:22:36 +0100
committer	Matt Caswell <matt@openssl.org>	2018-05-11 14:51:09 +0100
commit	61fb59238dad6452a37ec14513fae617a4faef29 (patch)
tree	5737eeba510f7a64792d3ac007f794d62a2dcb8a /ssl/statem/statem_srvr.c
parent	c20e3b282c26205f39a89a23664245475d4d7cbc (diff)