From: Matt Caswell <matt@openssl.org>
Date: Fri, 24 Aug 2018 15:16:28 +0000 (+0100)
Subject: Send a NewSessionTicket after using an external PSK
X-Git-Tag: OpenSSL_1_1_1~54
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=51256b34d82d008cca7be0d1903c357bfa99f753;p=thirdparty%2Fopenssl.git

Send a NewSessionTicket after using an external PSK

Treat a connection using an external PSK like we would a resumption and
send a single NewSessionTicket afterwards.

Fixes #6941

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7097)
---

diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 295d3e7ee5..0f2b22392b 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -1160,6 +1160,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
             ext = 1;
             if (id == 0)
                 s->ext.early_data_ok = 1;
+            s->ext.ticket_expected = 1;
         } else {
             uint32_t ticket_age = 0, now, agesec, agems;
             int ret;
@@ -1235,6 +1236,7 @@ int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
             SSL_SESSION_free(sess);
             sess = NULL;
             s->ext.early_data_ok = 0;
+            s->ext.ticket_expected = 0;
             continue;
         }
         break;