Update from stable branch.

ssl/s3_srvr.c

@@ -314,9 +314,18 @@ int ssl3_accept(SSL *s)
 		case SSL3_ST_SW_SRVR_HELLO_B:
 			ret=ssl3_send_server_hello(s);
 			if (ret <= 0) goto end;
-
+#ifndef OPENSSL_NO_TLSEXT
 			if (s->hit)
-				s->state=SSL3_ST_SW_CHANGE_A;
+				{
+				if (s->tlsext_ticket_expected)
+					s->state=SSL3_ST_SW_SESSION_TICKET_A;
+				else
+					s->state=SSL3_ST_SW_CHANGE_A;
+				}
+#else
+			if (s->hit)
+					s->state=SSL3_ST_SW_CHANGE_A;
+#endif
 			else
 				s->state=SSL3_ST_SW_CERT_A;
 			s->init_num=0;
@@ -548,11 +557,14 @@ int ssl3_accept(SSL *s)
 			ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
 				SSL3_ST_SR_FINISHED_B);
 			if (ret <= 0) goto end;
-			if (s->hit)
-				s->state=SSL_ST_OK;
 #ifndef OPENSSL_NO_TLSEXT
-			else if (s->tlsext_ticket_expected)
+			if (s->tlsext_ticket_expected)
 				s->state=SSL3_ST_SW_SESSION_TICKET_A;
+			else if (s->hit)
+				s->state=SSL_ST_OK;
+#else
+			if (s->hit)
+				s->state=SSL_ST_OK;
 #endif
 			else
 				s->state=SSL3_ST_SW_CHANGE_A;

ssl/t1_lib.c

@@ -1501,7 +1501,9 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
 			memcpy(sess->session_id, sess_id, sesslen);
 		sess->session_id_length = sesslen;
 		*psess = sess;
-		s->tlsext_ticket_expected = 0;
+		/*** TEST ***/
+		s->tlsext_ticket_expected = 1;
+		/*s->tlsext_ticket_expected = 0;*/
 		return 1;
 		}
 	/* If session decrypt failure indicate a cache miss and set state to