gnutls_session_is_resumed: don't check session ID in TLS 1.3

In middlebox compatibiltiy mode, TLS 1.3 client simulates the TLS 1.2 resumption handshake, so checking session ID for resumption is pointless. This worked previously because the client always generated new random value even in a true resumption handshake, but didn't update the session parameters properly. Signed-off-by: Daiki Ueno <ueno@gnu.org>

gnutls_session_is_resumed: don't check session ID in TLS 1.3
5416fdc2 · Daiki Ueno · f237cbd9 · 5416fdc2
Commit 5416fdc2 authored 4 years ago by Daiki Ueno
--- a/lib/state.c
+++ b/lib/state.c
@@ -981,9 +981,9 @@ int gnutls_session_is_resumed(gnutls_session_t session)
 {
 	if (session->security_parameters.entity == GNUTLS_CLIENT) {
 		const version_entry_st *ver = get_version(session);
-		if (ver && ver->tls13_sem &&
-		    session->internals.resumed)
-			return 1;
+		if (ver && ver->tls13_sem) {
+			return session->internals.resumed;
+		}

 		if (session->security_parameters.session_id_size > 0 &&
 		    session->security_parameters.session_id_size ==