Remove TLS1.3 TODO around testing for session id length

TLSv1.3 will do the same thing as TLSv1.2 with tickets with regards to session ids, i.e. it will create a synthetic session id when the session is established, so it is reasonable to check the session id length, even in TLSv1.3. Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3008)

Remove TLS1.3 TODO around testing for session id length
TLSv1.3 will do the same thing as TLSv1.2 with tickets with regards to session ids, i.e. it will create a synthetic session id when the session is established, so it is reasonable to check the session id length, even in TLSv1.3. Reviewed-by: N Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3008)
3348fc7e · Matt Caswell · b6e32506 · 3348fc7e
隐藏空白更改
内联并排

Showing with 0 addition and 1 deletion

ssl/statem/statem_clnt.c ssl/statem/statem_clnt.c +0 -1

未找到文件。
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2442,7 +2442,6 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt)
    if (ticklen == 0)
        return MSG_PROCESS_CONTINUE_READING;

-    /* TODO(TLS1.3): Is this a suitable test for TLS1.3? */
    if (s->session->session_id_length > 0) {
        int i = s->session_ctx->session_cache_mode;
        SSL_SESSION *new_sess;