crypto/tls: GetCertificate called on resumed sessions #25352
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
GetCertificate is called just before checking the client session ticket. If the ticket is valid and the session is resumed, that call is probably pointless.
Off the top of my head, I can't remember why the server would need to know its own certificate in a resumed session, but there might be something I'm forgetting around renegotiation. Look into it, and if possible move the GetCertificate call after checkForResumption.
The text was updated successfully, but these errors were encountered: