Commit f023ba2d authored by Matt Caswell's avatar Matt Caswell
Browse files

Don't update the session cache when processing a client certificate in TLSv1.3 



We should only update the session cache when we issue a NewSessionTicket.
These are issued automatically after processing a client certificate.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5644)
parent 32305f88

ssl/statem/statem_srvr.c

+0 −3
Original line number Diff line number Diff line
@@ -3608,9 +3608,6 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt) 
    sk_X509_pop_free(s->session->peer_chain, X509_free);

    s->session->peer_chain = sk;



    if (new_sess != NULL)

        ssl_update_cache(s, SSL_SESS_CACHE_SERVER);



    /*

     * Freeze the handshake buffer. For <TLS1.3 we do this after the CKE

     * message