# HG changeset patch # User apetcher # Date 1527268801 14400 # Node ID 34f33526b9a5c4ab19e6a65f3a4c82c7d9950c04 # Parent 78914bf16bee9b38b68e8ac20ff9aa4cfdf3fa28 A couple of minor session resumption fixes diff -r 78914bf16bee -r 34f33526b9a5 src/java.base/share/classes/sun/security/ssl/ClientHello.java --- a/src/java.base/share/classes/sun/security/ssl/ClientHello.java Thu May 24 13:09:59 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/ClientHello.java Fri May 25 13:20:01 2018 -0400 @@ -517,7 +517,10 @@ SSLLogger.finest("Try resuming session", session); } - sessionId = session.getSessionId(); + // only set session id if session is 1.2 or earlier + if (!session.getProtocolVersion().useTLS13PlusSpec()) { + sessionId = session.getSessionId(); + } if (!maxProtocolVersion.equals(sessionVersion)) { maxProtocolVersion = sessionVersion; diff -r 78914bf16bee -r 34f33526b9a5 src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java --- a/src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java Thu May 24 13:09:59 2018 -0700 +++ b/src/java.base/share/classes/sun/security/ssl/PreSharedKeyExtension.java Fri May 25 13:20:01 2018 -0400 @@ -701,16 +701,13 @@ ClientHandshakeContext chc = (ClientHandshakeContext)context; - if (!chc.handshakeExtensions.containsKey(SSLExtension.CH_PRE_SHARED_KEY)) { - // absence is expected---nothing to do - return; + if (chc.handshakeExtensions.containsKey(SSLExtension.CH_PRE_SHARED_KEY)) { + // The PSK identity should not be reused, even if it is + // not selected. + chc.resumingSession.consumePskIdentity(); } - // The PSK identity should not be reused, even if it is - // not selected. - chc.resumingSession.consumePskIdentity(); - - // If the client requested to resume, the server refused + // the server refused to resume, or the client did not request 1.3 resumption chc.resumingSession = null; chc.isResumption = false; }