Don't record handshake hashes if no Channel ID Change-Id: Ic0dcde436024e8d11f9b5986998cf6e808ff036b Reviewed-on: https://boringssl-review.googlesource.com/6007 Reviewed-by: Adam Langley <agl@google.com>

commit: 4d11aff33a1614e6d0042e926f20141699f95701 [log] [tgz]
author: Matt Braithwaite <mab@google.com> Fri Sep 25 16:18:09 2015 -0700
committer: Adam Langley <agl@google.com> Tue Sep 29 21:47:05 2015 +0000
tree: 9dbdae8df7b5f5baa66f4d2fd3f4a3ef99a6da1e
parent: 24925860582d0d4fdace2cce078c50b865b2cc18 [diff]
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index b428043..935edae 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c

@@ -482,7 +482,7 @@
         /* If this is a full handshake with ChannelID then record the hashshake
          * hashes in |s->session| in case we need them to verify a ChannelID
          * signature on a resumption of this session in the future. */
-        if (!s->hit) {
+        if (!s->hit && s->s3->tlsext_channel_id_valid) {
           ret = tls1_record_handshake_hashes_for_channel_id(s);
           if (ret <= 0) {
             goto end;
commit	4d11aff33a1614e6d0042e926f20141699f95701	[log] [tgz]
author	Matt Braithwaite <mab@google.com>	Fri Sep 25 16:18:09 2015 -0700
committer	Adam Langley <agl@google.com>	Tue Sep 29 21:47:05 2015 +0000
tree	9dbdae8df7b5f5baa66f4d2fd3f4a3ef99a6da1e
parent	24925860582d0d4fdace2cce078c50b865b2cc18 [diff]