diff options
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_lib.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index cef8e41c6f..d02e2816b4 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -566,10 +566,12 @@ int SSL_clear(SSL *s) /* * Check to see if we were changed into a different method, if so, revert - * back if we are not doing session-id reuse. + * back. We always do this in TLSv1.3. Below that we only do it if we are + * not doing session-id reuse. */ - if (!ossl_statem_get_in_handshake(s) && (s->session == NULL) - && (s->method != s->ctx->method)) { + if (s->method != s->ctx->method + && (SSL_IS_TLS13(s) + || (!ossl_statem_get_in_handshake(s) && s->session == NULL))) { s->method->ssl_free(s); s->method = s->ctx->method; if (!s->method->ssl_new(s)) |