CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2020/09/07 02:04:30
Modified files:
lib/libssl : t1_lib.c
Log message:
Garbage collect renew_ticket in tls_decrypt_ticket
This is only set in one place and read in one place to set the badly
named tlsext_ticket_expected flag. It seems preferable to set this
flag directly, thus simplifying the logic. This slightly changes the
behavior in that this flag is now set earlier, but this seems preferable
anyway. Any error between the old and the new position where the flag
is set is either fatal (so the connection will be closed) or a decrypt
error (so the flag will be set).
discussed with jsing
