From ea80f9d5df4c302de391e999395e1c87f9c786b3 Mon Sep 17 00:00:00 2001
From: David Benjamin
Date: Tue, 15 Nov 2016 18:19:55 +0900
Subject: [PATCH] obfuscated_ticket_age must also be reset when comparing.
Thanks to Eric Rescorla for catching this.
Change-Id: Id0a024d7f705519cfe76d350e0ef2688dbd11a22
Reviewed-on: https://boringssl-review.googlesource.com/12303
Reviewed-by: Nick Harper
Reviewed-by: David Benjamin
Commit-Queue: David Benjamin
CQ-Verified: CQ bot account: commit-bot@chromium.org
---
 ssl/test/runner/handshake_server.go | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go
index 738668d9..57879f95 100644
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go
@@ -637,6 +637,15 @@ ResendHelloRetryRequest:
 }
 newClientHelloCopy.tls13Cookie = nil
 }
+
+ // PSK binders and obfuscated ticket age are both updated in the
+ // second ClientHello.
+ if len(oldClientHelloCopy.pskIdentities) != len(newClientHelloCopy.pskIdentities) {
+ return errors.New("tls: PSK identity count from old and new ClientHello do not match")
+ }
+ for i, identity := range oldClientHelloCopy.pskIdentities {
+ newClientHelloCopy.pskIdentities[i].obfuscatedTicketAge = identity.obfuscatedTicketAge
+ }
 newClientHelloCopy.pskBinders = oldClientHelloCopy.pskBinders
 if !oldClientHelloCopy.equal(&newClientHelloCopy) {
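Review bot: The added loop assigns through `newClientHelloCopy.pskIdentities[i]`, and a slice field copied by plain struct assignment still shares its backing array with the message it was copied from. If `newClientHelloCopy` is such a shallow copy (its construction is outside the hunk), the second ClientHello's real obfuscated ticket age is overwritten with the first one's value. Any later ticket-age validation in the runner would then check the stale value and could miss a client that sends a wrong age after HelloRetryRequest. Detaching the slice before the loop avoids that: `newClientHelloCopy.pskIdentities = append(newClientHelloCopy.pskIdentities[:0:0], newClientHelloCopy.pskIdentities...)`. The enclosing `ResendHelloRetryRequest` block starts and ends outside the hunk, so whether the received message is read again afterwards should be confirmed there.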