Commit 80e339fd authored by Matt Caswell's avatar Matt Caswell
Browse files

Ensure we don't call the OCSP callback if resuming a session 



It makes no sense to call the OCSP status callback if we are resuming a
session because no certificates will be sent.

Reviewed-by: default avatarViktor Dukhovni <viktor@openssl.org>
parent bb1aaab4

ssl/t1_lib.c

+1 −1
Original line number Diff line number Diff line
@@ -2855,7 +2855,7 @@ int ssl_check_serverhello_tlsext(SSL *s) 
     * callback

     */

    if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected)

        && s->ctx && s->ctx->tlsext_status_cb) {

        && !(s->hit) && s->ctx && s->ctx->tlsext_status_cb) {

        int r;

        /*

         * Call callback with resp == NULL and resplen == -1 so callback