generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Ensure we don't call the OCSP callback if resuming a session

Browse Source 
It makes no sense to call the OCSP status callback if we are resuming a
session because no certificates will be sent.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
This commit is contained in:
Matt Caswell 2015-11-30 13:29:41 +00:00
parent 905943af3b
commit 0ac6239955
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/t1_lib.c
View File

@ -3165,7 +3165,7 @@ int ssl_check_serverhello_tlsext(SSL *s)
* callback * callback
*/ */
if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected) if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected)
&& s->ctx && s->ctx->tlsext_status_cb) { && !(s->hit) && s->ctx && s->ctx->tlsext_status_cb) {
int r; int r;
/* /*
* Call callback with resp == NULL and resplen == -1 so callback * Call callback with resp == NULL and resplen == -1 so callback