diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2008-09-03 22:17:11 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2008-09-03 22:17:11 +0000 |
| commit | e8da6a1d0fd119e170df49e1f5e28f980794144d (patch) | |
| tree | 5a730c51ab0762018664dbdcea800f94a687bbc4 /ssl | |
| parent | 305514000c7e404490951f4c14a65379098c7baf (diff) | |
Fix from stable branch.
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/ssl_sess.c | 2 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 11 |
2 files changed, 10 insertions, 3 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index c5ca1c2014..1378f7600e 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -438,7 +438,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, fatal = 1; goto err; } - else if (r == 0 || (!ret || !len)) + else if (r == 0 || (!ret && !len)) goto err; else if (!ret && !(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) #else diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index bde52b126b..dc0396cfaa 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1388,6 +1388,13 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, /* Point after session ID in client hello */ const unsigned char *p = session_id + len; unsigned short i; + + /* If tickets disabled behave as if no ticket present + * to permit stateful resumption. + */ + if (SSL_get_options(s) & SSL_OP_NO_TICKET) + return 1; + if ((s->version <= SSL3_VERSION) || !limit) return 1; if (p >= limit) @@ -1419,8 +1426,8 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, * trigger a full handshake */ if (SSL_get_options(s) & SSL_OP_NO_TICKET) - return 0; - /* If zero length not client will accept a ticket + return 1; + /* If zero length note client will accept a ticket * and indicate cache miss to trigger full handshake */ if (size == 0) |