generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Ensure we don't call the OCSP callback if resuming a session

Browse Source 
It makes no sense to call the OCSP status callback if we are resuming a
session because no certificates will be sent.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
This commit is contained in:
Matt Caswell 2015-11-30 13:29:41 +00:00
parent bb1aaab428
commit 80e339fd09
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/t1_lib.c
View File

@ -2855,7 +2855,7 @@ int ssl_check_serverhello_tlsext(SSL *s)
* callback
*/
if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected)
&& s->ctx && s->ctx->tlsext_status_cb) {
&& !(s->hit) && s->ctx && s->ctx->tlsext_status_cb) {
int r;
/*
* Call callback with resp == NULL and resplen == -1 so callback