Move tlsext_ticket_expected to SSL_HANDSHAKE.
It's all of one bit, but having it on the SSL object means we need
manually to reset it on renego.
Change-Id: I989dacd430fe0fa63d76451b95f036a942aefcfe
Reviewed-on: https://boringssl-review.googlesource.com/12229
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/handshake_client.c b/ssl/handshake_client.c
index 3583be4..27cd7ba 100644
--- a/ssl/handshake_client.c
+++ b/ssl/handshake_client.c
@@ -448,7 +448,7 @@
goto end;
case SSL3_ST_CR_SESSION_TICKET_A:
- if (ssl->tlsext_ticket_expected) {
+ if (ssl->s3->hs->ticket_expected) {
ret = ssl3_get_new_session_ticket(ssl);
if (ret <= 0) {
goto end;
@@ -536,9 +536,6 @@
/* Remove write buffering now. */
ssl_free_wbio_buffer(ssl);
- ssl_handshake_free(ssl->s3->hs);
- ssl->s3->hs = NULL;
-
const int is_initial_handshake = !ssl->s3->initial_handshake_complete;
ssl->s3->initial_handshake_complete = 1;
if (is_initial_handshake) {
@@ -546,6 +543,9 @@
ssl_update_cache(ssl, SSL_SESS_CACHE_CLIENT);
}
+ ssl_handshake_free(ssl->s3->hs);
+ ssl->s3->hs = NULL;
+
ret = 1;
ssl_do_info_callback(ssl, SSL_CB_HANDSHAKE_DONE, 1);
goto end;
@@ -1881,10 +1881,9 @@
if (CBS_len(&ticket) == 0) {
/* RFC 5077 allows a server to change its mind and send no ticket after
- * negotiating the extension. The value of |tlsext_ticket_expected| is
- * checked in |ssl_update_cache| so is cleared here to avoid an unnecessary
- * update. */
- ssl->tlsext_ticket_expected = 0;
+ * negotiating the extension. The value of |ticket_expected| is checked in
+ * |ssl_update_cache| so is cleared here to avoid an unnecessary update. */
+ ssl->s3->hs->ticket_expected = 0;
return 1;
}