Diffstat (limited to 'crypto/src/tls/DtlsClientProtocol.cs')
-rw-r--r-- | crypto/src/tls/DtlsClientProtocol.cs | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/crypto/src/tls/DtlsClientProtocol.cs b/crypto/src/tls/DtlsClientProtocol.cs index a4810b983..44f574e3a 100644 --- a/crypto/src/tls/DtlsClientProtocol.cs +++ b/crypto/src/tls/DtlsClientProtocol.cs @@ -177,10 +177,7 @@ namespace Org.BouncyCastle.Tls } InvalidateSession(state); - state.tlsSession = TlsUtilities.ImportSession(securityParameters.SessionID, null); - state.sessionParameters = null; - state.sessionMasterSecret = null; serverMessage = handshake.ReceiveMessage(); @@ -343,6 +340,14 @@ namespace Org.BouncyCastle.Tls serverMessage = handshake.ReceiveMessage(); if (serverMessage.Type == HandshakeType.new_session_ticket) { + /* + * RFC 5077 3.4. If the client receives a session ticket from the server, then it + * discards any Session ID that was sent in the ServerHello. + */ + securityParameters.m_sessionID = TlsUtilities.EmptyBytes; + InvalidateSession(state); + state.tlsSession = TlsUtilities.ImportSession(securityParameters.SessionID, null); + ProcessNewSessionTicket(state, serverMessage.Body); } else @@ -373,7 +378,7 @@ namespace Org.BouncyCastle.Tls .SetServerExtensions(state.serverExtensions) .Build(); - state.tlsSession = TlsUtilities.ImportSession(state.tlsSession.SessionID, state.sessionParameters); + state.tlsSession = TlsUtilities.ImportSession(securityParameters.SessionID, state.sessionParameters); securityParameters.m_tlsUnique = securityParameters.LocalVerifyData; |
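Review bot: In the `new_session_ticket` branch (second hunk) the RFC 5077 comment explains only the session-ID reset, while the `InvalidateSession(state)` call and the re-import with `null` parameters that follow it are unexplained. The third hunk later reassigns `state.tlsSession` from the same `securityParameters.SessionID`, so the session object created here appears to be replaced before the handshake ends unless `ProcessNewSessionTicket` or code between the hunks reads it; that is not visible in this diff. I would add a line such as `// Drop session state bound to the ServerHello session ID; the ticket supersedes it.` above `InvalidateSession(state);` and say why the interim `ImportSession(..., null)` is needed. The condition that decides whether a ticket is expected at all sits outside the hunk.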
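Review bot: The `ImportSession` call in the third hunk now receives an empty session ID whenever the ticket branch above has run, paired with the full `state.sessionParameters`, and nothing on the line says that this is intended. Whether `TlsUtilities.ImportSession` yields a non-resumable session for an empty ID is not visible here, so a comment would help, for example `// SessionID is empty after a NewSessionTicket (RFC 5077 3.4); such a session must not be offered for ID-based resumption.` A regression test that completes a handshake with a ticket and checks the resulting session's ID would pin the behaviour. The diffstat is limited to this file, so I cannot tell whether such a test exists.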