crypto/tls: skip session cache for TLS 1.3

Skip reading the session cache if TLS 1.3 is in use (the cache has no use), skip storing a session if TLS 1.3 is in use (sessionCache can still be set when TLS 1.2 is allowed).
2017-09-12 19:39:14 +01:00 · 2017-09-12 19:39:14 +01:00 · 9eb1d7faf7
commit 9eb1d7faf7
parent 9f46cf9e2d
1 changed files with 3 additions and 2 deletions
--- a/handshake_client.go
+++ b/handshake_client.go
@ -119,7 +119,8 @@ func (c *Conn) clientHandshake() error {
 	var session *ClientSessionState
 	var cacheKey string
 	sessionCache := c.config.ClientSessionCache
-	if c.config.SessionTicketsDisabled {
+	// TLS 1.3 has no session resumption based on session tickets.
+	if c.config.SessionTicketsDisabled || c.config.maxVersion() >= VersionTLS13 {
 		sessionCache = nil
 	}

@ -177,7 +178,7 @@ func (c *Conn) clientHandshake() error {

 	// If we had a successful handshake and hs.session is different from
 	// the one already cached - cache a new one
-	if sessionCache != nil && hs.session != nil && session != hs.session {
+	if sessionCache != nil && hs.session != nil && session != hs.session && c.vers < VersionTLS13 {
 		sessionCache.Put(cacheKey, hs.session)
 	}