TLS 1.3 sessions should not be added to the server session cache. Fix this and add a test. Otherwise enabling TLS 1.3 will cause a server to blow through its session cache. Change-Id: I67edbc468faedfd94a6c30cf842af085a6543b50 Reviewed-on: https://boringssl-review.googlesource.com/13501 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: b5c58db9ffd8571ce8f0b48f78354ec8cfcd0e4c [log] [tgz]
author: David Benjamin <davidben@google.com> Sat Jan 28 01:39:29 2017 -0500
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Wed Feb 01 23:07:55 2017 +0000
tree: ffc3cf5e673f2fc940db55887af2a601b396818e
parent: c26692cfdd9b0c86f2573ad03461416c9702bd39 [diff] [blame]
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 7aa3c84..5103c55 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go

@@ -3417,6 +3417,7 @@
 			},
 		},
 		resumeSession: true,
+		flags:         []string{"-expect-no-session-id"},
 	})
 	tests = append(tests, testCase{
 		testType: serverTest,
@@ -3426,6 +3427,7 @@
 			SessionTicketsDisabled: true,
 		},
 		resumeSession: true,
+		flags:         []string{"-expect-session-id"},
 	})
 	tests = append(tests, testCase{
 		testType: serverTest,
@@ -3467,6 +3469,9 @@
 			},
 			resumeSession:        true,
 			resumeRenewedSession: true,
+			// TLS 1.3 uses tickets, so the session should not be
+			// cached statefully.
+			flags: []string{"-expect-no-session-id"},
 		})
 
 		tests = append(tests, testCase{
commit	b5c58db9ffd8571ce8f0b48f78354ec8cfcd0e4c	[log] [tgz]
author	David Benjamin <davidben@google.com>	Sat Jan 28 01:39:29 2017 -0500
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Wed Feb 01 23:07:55 2017 +0000
tree	ffc3cf5e673f2fc940db55887af2a601b396818e
parent	c26692cfdd9b0c86f2573ad03461416c9702bd39 [diff] [blame]