If it is a new session don't send the old TLS ticket: send a zero length

ticket to request a new session.
2009-11-08 14:36:32 +00:00 · 2009-11-08 14:36:32 +00:00 · e3738c49b8
commit e3738c49b8
parent 41746da8c2
1 changed files with 1 additions and 1 deletions
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@ -365,7 +365,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
 	if (!(SSL_get_options(s) & SSL_OP_NO_TICKET))
 		{
 		int ticklen;
-		if (s->session && s->session->tlsext_tick)
+		if (!s->new_session && s->session && s->session->tlsext_tick)
 			ticklen = s->session->tlsext_ticklen;
 		else if (s->session && s->tlsext_session_ticket &&
 			 s->tlsext_session_ticket->data)