From 213f08a65a8ad71ab036852180c979f43fab1b24 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 28 Oct 2009 19:52:18 +0000 Subject: [PATCH] Don't attempt session resumption if no ticket is present and session ID length is zero. --- ssl/s3_clnt.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index a62ffd5eb3..9322f629ce 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -618,9 +618,15 @@ int ssl3_client_hello(SSL *s) buf=(unsigned char *)s->init_buf->data; if (s->state == SSL3_ST_CW_CLNT_HELLO_A) { - if ((s->session == NULL) || - (s->session->ssl_version != s->version) || - (s->session->not_resumable)) + SSL_SESSION *sess = s->session; + if ((sess == NULL) || + (sess->ssl_version != s->version) || +#ifdef OPENSSL_NO_TLSEXT + !sess->session_id_length || +#else + (!sess->session_id_length && !sess->tlsext_tick) || +#endif + (sess->not_resumable)) { if (!ssl_get_new_session(s,0)) goto err; -- GitLab