Upgrade to openssl-0.9.8k. The source tree (and the size of the compiled library) can be reduced further. This will be done in a future commit.

commit: e45f106cb6b47af1f21efe76e933bdea2f5dd1ca [log] [tgz]
author: Nagendra Modadugu <ngm@google.com> Wed Sep 30 11:36:48 2009 -0700
committer: Nagendra Modadugu <ngm@google.com> Wed Sep 30 12:06:07 2009 -0700
tree: 9abf212990e6e7631ac6b0a07816dfe069912724
parent: 5fe11ead41a8b9709f910786101e818603de6690 [diff] [blame]
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 35f04af..9ce7269 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -734,6 +734,13 @@
 	/* Point after session ID in client hello */
 	const unsigned char *p = session_id + len;
 	unsigned short i;
+
+	/* If tickets disabled behave as if no ticket present
+ 	 * to permit stateful resumption.
+ 	 */
+	if (SSL_get_options(s) & SSL_OP_NO_TICKET)
+		return 1;
+
 	if ((s->version <= SSL3_VERSION) || !limit)
 		return 1;
 	if (p >= limit)
@@ -761,12 +768,7 @@
 			return 1;
 		if (type == TLSEXT_TYPE_session_ticket)
 			{
-			/* If tickets disabled indicate cache miss which will
- 			 * trigger a full handshake
- 			 */
-			if (SSL_get_options(s) & SSL_OP_NO_TICKET)
-				return 0;
-			/* If zero length not client will accept a ticket
+			/* If zero length note client will accept a ticket
  			 * and indicate cache miss to trigger full handshake
  			 */
 			if (size == 0)
commit	e45f106cb6b47af1f21efe76e933bdea2f5dd1ca	[log] [tgz]
author	Nagendra Modadugu <ngm@google.com>	Wed Sep 30 11:36:48 2009 -0700
committer	Nagendra Modadugu <ngm@google.com>	Wed Sep 30 12:06:07 2009 -0700
tree	9abf212990e6e7631ac6b0a07816dfe069912724
parent	5fe11ead41a8b9709f910786101e818603de6690 [diff] [blame]