Temporarily ignore NewSessionTickets for TLS1.3

We can't handle these messages yet, so ignore them for now. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2157)
author: Matt Caswell <matt@openssl.org> 2016-12-29 15:08:47 +0000
committer: Matt Caswell <matt@openssl.org> 2017-01-10 23:02:50 +0000
commit: 4954fd13b3c71f0f74677b78533f1176e13de032 (patch)
tree: 378ed553a6276a9de459af45880c42270c608990 /ssl
parent: 6612d87b897f1f71237e6a7f5a075d46e74d8ac5 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 486da643d9..3ffe29ad00 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1374,6 +1374,16 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
         }
     }
 
+    /*
+     * TODO(TLS1.3): Temporarily we will just ignore NewSessionTicket messages.
+     * Later we will want to process them.
+     */
+    if (!s->server && SSL_IS_TLS13(s) && s->rlayer.handshake_fragment_len >= 4
+            && s->rlayer.handshake_fragment[0] == SSL3_MT_NEWSESSION_TICKET) {
+        SSL3_RECORD_set_read(rr);
+        goto start;
+    }
+
     /*-
      * s->rlayer.handshake_fragment_len == 4  iff  rr->type == SSL3_RT_HANDSHAKE;
      * s->rlayer.alert_fragment_len == 2      iff  rr->type == SSL3_RT_ALERT.
author	Matt Caswell <matt@openssl.org>	2016-12-29 15:08:47 +0000
committer	Matt Caswell <matt@openssl.org>	2017-01-10 23:02:50 +0000
commit	4954fd13b3c71f0f74677b78533f1176e13de032 (patch)
tree	378ed553a6276a9de459af45880c42270c608990 /ssl
parent	6612d87b897f1f71237e6a7f5a075d46e74d8ac5 (diff)