kris/th5
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

crypto/tls: skip session cache for TLS 1.3

Browse Source 
Skip reading the session cache if TLS 1.3 is in use (the cache has no
use), skip storing a session if TLS 1.3 is in use (sessionCache can
still be set when TLS 1.2 is allowed).
This commit is contained in:
Peter Wu 2017-09-12 19:39:14 +01:00
parent 9f46cf9e2d
commit 9eb1d7faf7
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
handshake_client.go
View File

@ -119,7 +119,8 @@ func (c *Conn) clientHandshake() error {
var session *ClientSessionState var session *ClientSessionState
var cacheKey string var cacheKey string
sessionCache := c.config.ClientSessionCache sessionCache := c.config.ClientSessionCache
if c.config.SessionTicketsDisabled { // TLS 1.3 has no session resumption based on session tickets.
if c.config.SessionTicketsDisabled || c.config.maxVersion() >= VersionTLS13 {
sessionCache = nil sessionCache = nil
} }
@ -177,7 +178,7 @@ func (c *Conn) clientHandshake() error {
// If we had a successful handshake and hs.session is different from // If we had a successful handshake and hs.session is different from
// the one already cached - cache a new one // the one already cached - cache a new one
if sessionCache != nil && hs.session != nil && session != hs.session { if sessionCache != nil && hs.session != nil && session != hs.session && c.vers < VersionTLS13 {
sessionCache.Put(cacheKey, hs.session) sessionCache.Put(cacheKey, hs.session)
} }