OpenSSL: discard expired resumption session in client

author: Jeremy Harris <jgh146exb@wizmail.org> 2019-05-06 12:28:14 +0100
committer: Jeremy Harris <jgh146exb@wizmail.org> 2019-05-07 22:45:51 +0100
commit: 4f1d23a1aa7aafc5a47988d80dde87c67ec8e1fc (patch)
tree: 40c94b2f1765f5b4c7b13aaf36547fe1e9cfcabd /src
parent: 4202f1215e6e1cbcb66b82e514efcc21682e8ae1 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index ee52b7caa..df884355e 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -2731,6 +2731,12 @@ if (tlsp->host_resumable)
 	  debug_printf("decoding session: %s\n", ssl_errstring);
 	  }
 	}
+      else if ( SSL_SESSION_get_ticket_lifetime_hint(ss) + dt->time_stamp
+	       < time(NULL))
+	{
+	DEBUG(D_tls) debug_printf("session expired\n");
+	dbfn_delete(dbm_file, key);
+	}
       else if (!SSL_set_session(ssl, ss))
 	{
 	DEBUG(D_tls)
author	Jeremy Harris <jgh146exb@wizmail.org>	2019-05-06 12:28:14 +0100
committer	Jeremy Harris <jgh146exb@wizmail.org>	2019-05-07 22:45:51 +0100
commit	4f1d23a1aa7aafc5a47988d80dde87c67ec8e1fc (patch)
tree	40c94b2f1765f5b4c7b13aaf36547fe1e9cfcabd /src
parent	4202f1215e6e1cbcb66b82e514efcc21682e8ae1 (diff)