Skip to content
Snippets Groups Projects
Commit 1da05308 authored by Tobias S. Josefowitz's avatar Tobias S. Josefowitz
Browse files

SSL.ClientConnection: Fix session ticket support 

The server signals reuse of the session by echoing the session_id we
provide (as well as by a shortened handshake/server hello). Presence of
the session ticket extension informs of the server's intention to send a
new session ticket (or replace an existing one), hence tickets_enabled
does not need to be true (and apparently rarely is) when we resume
sessions based on tickets with other SSL implementations on the server
side.
parent 22d10b47
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/modules/SSL.pmod/ClientConnection.pike
+ 0
7
View file @ 1da05308
......@@ -551,13 +551,6 @@ int(-1..1) handle_handshake(int type, string(8bit) data, string(8bit) raw)
return -1;
}
if (session->ticket && !tickets_enabled) {
// The server has stopped supporting session tickets?
// Make sure not to compare the server-generated
// session id with the one that we may have generated.
id = "";
}
// RFC 5746 3.5:
// When a ServerHello is received, the client MUST verify that the
// "renegotiation_info" extension is present; if it is not, the
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment