Don't update the session cache when processing a client certificate in TLSv1.3

We should only update the session cache when we issue a NewSessionTicket. These are issued automatically after processing a client certificate. Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5644)

Don't update the session cache when processing a client certificate in TLSv1.3
We should only update the session cache when we issue a NewSessionTicket. These are issued automatically after processing a client certificate. Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5644)
f023ba2d · Matt Caswell · 32305f88 · f023ba2d
隐藏空白更改
内联并排

Showing with 0 addition and 3 deletion

ssl/statem/statem_srvr.c ssl/statem/statem_srvr.c +0 -3

未找到文件。
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3608,9 +3608,6 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
    sk_X509_pop_free(s->session->peer_chain, X509_free);
    s->session->peer_chain = sk;
-    if (new_sess != NULL)
-        ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
    /*
     * Freeze the handshake buffer. For <TLS1.3 we do this after the CKE
     * message