Honor SSL_SESS_CACHE_CLIENT in TLS 1.3. The new_session_cb callback should not be run if SSL_SESS_CACHE_CLIENT is off. Change-Id: I1ab320f33688f186b241d95c81775331a5c5b1a1 Reviewed-on: https://boringssl-review.googlesource.com/20065 Reviewed-by: Steven Valdez <svaldez@google.com> Commit-Queue: Steven Valdez <svaldez@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: 3d8f0808e49722a8b23abbacd06cb494c2e1606d [log] [tgz]
author: David Benjamin <davidben@google.com> Wed Sep 06 16:12:52 2017 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Wed Sep 06 20:31:17 2017 +0000
tree: 74a399582fbd2679e7621f93b1ffb85613a10443
parent: a861460c89f6d63eeb9c384de9a7b1d8fec12bb7 [diff] [blame]
diff --git a/ssl/tls13_client.cc b/ssl/tls13_client.cc
index f91da26..98ddaf3 100644
--- a/ssl/tls13_client.cc
+++ b/ssl/tls13_client.cc

@@ -839,7 +839,8 @@
   session->ticket_age_add_valid = 1;
   session->not_resumable = 0;
 
-  if (ssl->ctx->new_session_cb != NULL &&
+  if ((ssl->ctx->session_cache_mode & SSL_SESS_CACHE_CLIENT) &&
+      ssl->ctx->new_session_cb != NULL &&
       ssl->ctx->new_session_cb(ssl, session.get())) {
     // |new_session_cb|'s return value signals that it took ownership.
     session.release();
commit	3d8f0808e49722a8b23abbacd06cb494c2e1606d	[log] [tgz]
author	David Benjamin <davidben@google.com>	Wed Sep 06 16:12:52 2017 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Wed Sep 06 20:31:17 2017 +0000
tree	74a399582fbd2679e7621f93b1ffb85613a10443
parent	a861460c89f6d63eeb9c384de9a7b1d8fec12bb7 [diff] [blame]