[openssl-users] Possible bug in 1.1.1-pre8 with NSTs and PSK in initial ClientHello handshake

[Henderson, Karl]

According to RFC8446, Section C.4 “Servers SHOULD issue new tickets with every connection”.

Yet, in file ssl/statem/extensions_srvr.c, method tls_parse_ctos_psk, s->ext.ticket_expected = 0, preventing the NST from being sent.

This appears to be a bug – or am I missing something?

Thanks,
Karl

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180813/b235ea48/attachment.html>