gnutls_session_is_resumed: don't check session ID in TLS 1.3
authorDaiki Ueno <ueno@gnu.org>
Wed, 3 Feb 2021 14:50:08 +0000 (15:50 +0100)
committerDaiki Ueno <ueno@gnu.org>
Thu, 4 Feb 2021 08:25:00 +0000 (09:25 +0100)
In middlebox compatibility mode, a TLS 1.3 client simulates the TLS 1.2
resumption handshake, so checking the session ID for resumption is
pointless.  This worked previously because the client always generated
a new random value even in a true resumption handshake, but didn't
update the session parameters properly.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
lib/state.c

index 96b400812d7e78f8719f9464b80237e57d995c3d..9f306faf70d23675fdfd32649ed4b5171ffa3fd7 100644 (file)
@@ -981,9 +981,9 @@ int gnutls_session_is_resumed(gnutls_session_t session)
 {
        if (session->security_parameters.entity == GNUTLS_CLIENT) {
                const version_entry_st *ver = get_version(session);
-               if (ver && ver->tls13_sem &&
-                   session->internals.resumed)
-                       return 1;
+               if (ver && ver->tls13_sem) {
+                       return session->internals.resumed;
+               }
 
                if (session->security_parameters.session_id_size > 0 &&
                    session->security_parameters.session_id_size ==
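Review bot: The new early return in the `ver->tls13_sem` branch has no comment saying why the session-ID comparison that follows is deliberately skipped for TLS 1.3 clients, so a later cleanup could restore the fallthrough and let the function report a resumption that did not happen. I would add above the `if`: `/* TLS 1.3: the session ID is only echoed for middlebox compatibility; internals.resumed is the sole indicator */`. The branch also returns the field itself where the removed code returned the literal `1`; the type of `internals.resumed` is not visible in this hunk, so `return session->internals.resumed ? 1 : 0;` would keep the result a strict 0/1 for callers that compare against `1`. This matters because callers presumably use the result to tell whether a full handshake with fresh peer authentication took place. The body of gnutls_session_is_resumed continues past the end of the hunk.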