RT2772: accept empty SessionTicket
RFC 5077 section 3.3 says: If the server determines that it does not want to include a ticket after it has included the SessionTicket extension in the ServerHello, then it sends a zero-length ticket in the NewSessionTicket handshake message. Previously the client would fail upon attempting to allocate a zero-length buffer. Now, we have the client ignore the empty ticket and keep the existing session. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 21b538d6)
parent
7794c355
Please register or sign in to comment