Remove server-side renego session resumption check.

Servers can no longer renegotiate.

Change-Id: Id79d5753562e29d2872871f4f571552a019215fa
Reviewed-on: https://boringssl-review.googlesource.com/4884
Reviewed-by: Adam Langley <agl@google.com>

ssl/s3_srvr.c

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 61ef197..f997c86 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -822,7 +822,7 @@
 }
 
 int ssl3_get_client_hello(SSL *s) {
-  int i, ok, al = SSL_AD_INTERNAL_ERROR, ret = -1;
+  int ok, al = SSL_AD_INTERNAL_ERROR, ret = -1;
   long n;
   const SSL_CIPHER *c;
   STACK_OF(SSL_CIPHER) *ciphers = NULL;
@@ -950,30 +950,23 @@
   }
 
   s->hit = 0;
-  if (s->s3->initial_handshake_complete) {
-    /* Renegotiations do not participate in session resumption. */
+  int session_ret = ssl_get_prev_session(s, &early_ctx);
+  if (session_ret == PENDING_SESSION) {
+    s->rwstate = SSL_PENDING_SESSION;
+    goto err;
+  } else if (session_ret == -1) {
+    goto err;
+  }
+
+  /* Only resume if the session's version matches the negotiated version:
+   * most clients do not accept a mismatch. */
+  if (session_ret == 1 && s->version == s->session->ssl_version) {
+    s->hit = 1;
+  } else {
+    /* No session was found or it was unacceptable. */
     if (!ssl_get_new_session(s, 1)) {
       goto err;
     }
-  } else {
-    i = ssl_get_prev_session(s, &early_ctx);
-    if (i == PENDING_SESSION) {
-      s->rwstate = SSL_PENDING_SESSION;
-      goto err;
-    } else if (i == -1) {
-      goto err;
-    }
-
-    /* Only resume if the session's version matches the negotiated version:
-     * most clients do not accept a mismatch. */
-    if (i == 1 && s->version == s->session->ssl_version) {
-      s->hit = 1;
-    } else {
-      /* No session was found or it was unacceptable. */
-      if (!ssl_get_new_session(s, 1)) {
-        goto err;
-      }
-    }
   }
 
   if (s->ctx->dos_protection_cb != NULL && s->ctx->dos_protection_cb(&early_ctx) == 0) {