From 1da05308ec1f5e781e32d47cde0067d80e95b456 Mon Sep 17 00:00:00 2001
From: "Tobias S. Josefowitz" <tobij@tobij.de>
Date: Sun, 4 Aug 2019 18:35:12 +0200
Subject: [PATCH] SSL.ClientConnection: Fix session ticket support

The server signals reuse of the session by echoing the session_id we
provide (as well as by a shortened handshake/server hello). Presence of
the session ticket extension informs of the server's intention to send a
new session ticket (or replace an existing one), hence tickets_enabled
does not need to be true (and apparently rarely is) when we resume
sessions based on tickets with other SSL implementations on the server
side.
---
 lib/modules/SSL.pmod/ClientConnection.pike | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/lib/modules/SSL.pmod/ClientConnection.pike b/lib/modules/SSL.pmod/ClientConnection.pike
index 5388539bbd..0c9ed3a744 100644
--- a/lib/modules/SSL.pmod/ClientConnection.pike
+++ b/lib/modules/SSL.pmod/ClientConnection.pike
@@ -551,13 +551,6 @@ int(-1..1) handle_handshake(int type, string(8bit) data, string(8bit) raw)
 	return -1;
       }
 
-      if (session->ticket && !tickets_enabled) {
-	// The server has stopped supporting session tickets?
-	// Make sure not to compare the server-generated
-	// session id with the one that we may have generated.
-	id = "";
-      }
-
       // RFC 5746 3.5:
       // When a ServerHello is received, the client MUST verify that the
       // "renegotiation_info" extension is present; if it is not, the
-- 
GitLab