Don't copy client's session ID into server's session. When decrypting a ticket we would copy the client's session ID into the session and then copy the session's ID into the ServerHello (if resuming). That seems icky. Instead install the same placeholder on the server as we do on the client. Change-Id: Icb50a3be2f05e6428f1b286c8c09015f7bb4af16 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47784 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: David Benjamin <davidben@google.com>

commit: 47cefed43f1003ac939489712b261eb91beb3835 [log] [tgz]
author: Adam Langley <alangley@gmail.com> Wed May 26 13:36:40 2021 -0700
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Thu May 27 15:44:34 2021 +0000
tree: b758154aa8e1f84c914f2a0a100fad4afd789e16
parent: 3dd9864feace08641e1f856edd2bcca63ba7887f [diff] [blame]
diff --git a/ssl/tls13_client.cc b/ssl/tls13_client.cc
index b4d56ea..d23cf6c 100644
--- a/ssl/tls13_client.cc
+++ b/ssl/tls13_client.cc

@@ -1054,7 +1054,7 @@
   }
 
   // Historically, OpenSSL filled in fake session IDs for ticket-based sessions.
-  // TODO(davidben): Are external callers relying on this? Try removing this.
+  // Envoy's tests depend on this, although perhaps they shouldn't.
   SHA256(CBS_data(&ticket), CBS_len(&ticket), session->session_id);
   session->session_id_length = SHA256_DIGEST_LENGTH;
commit	47cefed43f1003ac939489712b261eb91beb3835	[log] [tgz]
author	Adam Langley <alangley@gmail.com>	Wed May 26 13:36:40 2021 -0700
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Thu May 27 15:44:34 2021 +0000
tree	b758154aa8e1f84c914f2a0a100fad4afd789e16
parent	3dd9864feace08641e1f856edd2bcca63ba7887f [diff] [blame]