Overview

File openssl-no_session_resumption_without_ticket.patch of Package compat-openssl098.29205

From 213f08a65a8ad71ab036852180c979f43fab1b24 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 28 Oct 2009 19:52:18 +0000
Subject: [PATCH] Don't attempt session resumption if no ticket is present and
 session ID length is zero.

---
 ssl/s3_clnt.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index a62ffd5..9322f62 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -618,9 +618,15 @@ int ssl3_client_hello(SSL *s)
 	buf=(unsigned char *)s->init_buf->data;
 	if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
 		{
-		if ((s->session == NULL) ||
-			(s->session->ssl_version != s->version) ||
-			(s->session->not_resumable))
+		SSL_SESSION *sess = s->session;
+		if ((sess == NULL) ||
+			(sess->ssl_version != s->version) ||
+#ifdef OPENSSL_NO_TLSEXT
+			!sess->session_id_length ||
+#else
+			(!sess->session_id_length && !sess->tlsext_tick) ||
+#endif
+			(sess->not_resumable))
 			{
 			if (!ssl_get_new_session(s,0))
 				goto err;
-- 
1.9.1
openSUSE Build Service is sponsored by
Places