aboutsummaryrefslogtreecommitdiff
path: root/src/crypto/tls/common.go
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto/tls/common.go')
-rw-r--r--src/crypto/tls/common.go7
1 files changed, 1 insertions, 6 deletions
diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go
index d6d4c91740..6fe6f34cd2 100644
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -942,10 +942,6 @@ const maxSessionTicketLifetime = 7 * 24 * time.Hour
// Clone returns a shallow clone of c or nil if c is nil. It is safe to clone a [Config] that is
// being used concurrently by a TLS client or server.
-//
-// If Config.SessionTicketKey is unpopulated, and Config.SetSessionTicketKeys has not been
-// called, the clone will not share the same auto-rotated session ticket keys as the original
-// Config in order to prevent sessions from being resumed across Configs.
func (c *Config) Clone() *Config {
if c == nil {
return nil
@@ -986,8 +982,7 @@ func (c *Config) Clone() *Config {
EncryptedClientHelloRejectionVerify: c.EncryptedClientHelloRejectionVerify,
EncryptedClientHelloKeys: c.EncryptedClientHelloKeys,
sessionTicketKeys: c.sessionTicketKeys,
- // We explicitly do not copy autoSessionTicketKeys, so that Configs do
- // not share the same auto-rotated keys.
+ autoSessionTicketKeys: c.autoSessionTicketKeys,
}
}
generated by cgit v1.3 (git 2.53.0) at 2026-04-15 04:05:25 +0000