diff options
author | Lutz Jänicke <jaenicke@openssl.org> | 2007-10-19 07:36:34 +0000 |
---|---|---|
committer | Lutz Jänicke <jaenicke@openssl.org> | 2007-10-19 07:36:34 +0000 |
commit | 8c447031adff74d8a910231fc06396bbbb331685 (patch) | |
tree | 6267705360bb8130b3c25cbbc3b9d78c1f0aa99c | |
parent | 4875e097f145c30a6a019c0fa5bc3a15e9b9152d (diff) |
Prepare OpenSSL 0.9.8g: cherry pick
http://cvs.openssl.org/chngview?cn=16691
Don't try to lookup zero length session.
PR: 1591
Submitted by: steve
-rw-r--r-- | ssl/ssl_sess.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index d30a24f2fe..ee88be2b88 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -320,10 +320,12 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, fatal = 1; goto err; } - else if (r == 0) + else if (r == 0 || (!ret && !len)) goto err; else if (!ret && !(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) #else + if (len == 0) + goto err; if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) #endif { |