aboutsummaryrefslogtreecommitdiff
path: root/src/crypto/tls/handshake_server_tls13.go
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto/tls/handshake_server_tls13.go')
-rw-r--r--src/crypto/tls/handshake_server_tls13.go10
1 files changed, 2 insertions, 8 deletions
diff --git a/src/crypto/tls/handshake_server_tls13.go b/src/crypto/tls/handshake_server_tls13.go
index 0033164f65..b066924e29 100644
--- a/src/crypto/tls/handshake_server_tls13.go
+++ b/src/crypto/tls/handshake_server_tls13.go
@@ -314,7 +314,6 @@ func (hs *serverHandshakeStateTLS13) checkForResumption() error {
return nil
}
-pskIdentityLoop:
for i, identity := range hs.clientHello.pskIdentities {
if i >= maxClientPSKIdentities {
break
@@ -367,13 +366,8 @@ pskIdentityLoop:
if sessionHasClientCerts && c.config.ClientAuth == NoClientCert {
continue
}
- if sessionHasClientCerts {
- now := c.config.time()
- for _, c := range sessionState.peerCertificates {
- if now.After(c.NotAfter) {
- continue pskIdentityLoop
- }
- }
+ if sessionHasClientCerts && c.config.time().After(sessionState.peerCertificates[0].NotAfter) {
+ continue
}
if sessionHasClientCerts && c.config.ClientAuth >= VerifyClientCertIfGiven &&
len(sessionState.verifiedChains) == 0 {
generated by cgit v1.3 (git 2.53.0) at 2026-04-15 04:04:00 +0000