Really fix SSLv2 session ID handling

PR: 377
author: Lutz Jänicke <jaenicke@openssl.org> 2003-01-15 09:51:22 +0000
committer: Lutz Jänicke <jaenicke@openssl.org> 2003-01-15 09:51:22 +0000
commit: 8ec16ce7110a9b60bb6a616c4f0ad2df6cb08894 (patch)
tree: 45343cb7672279ec38d126658faa6783738013fb /ssl/s2_clnt.c
parent: 0e4aa0d2d2807e0cbeac29b65d2b9061daed8941 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index c6319bb63d..1d24dedc91 100644
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -1021,7 +1021,7 @@ static int get_server_finished(SSL *s)
 		if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
 			{
 			if ((s->session->session_id_length > sizeof s->session->session_id)
-			    || (0 != memcmp(buf, s->session->session_id,
+			    || (0 != memcmp(buf + 1, s->session->session_id,
 			                    (unsigned int)s->session->session_id_length)))
 				{
 				ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
author	Lutz Jänicke <jaenicke@openssl.org>	2003-01-15 09:51:22 +0000
committer	Lutz Jänicke <jaenicke@openssl.org>	2003-01-15 09:51:22 +0000
commit	8ec16ce7110a9b60bb6a616c4f0ad2df6cb08894 (patch)
tree	45343cb7672279ec38d126658faa6783738013fb /ssl/s2_clnt.c
parent	0e4aa0d2d2807e0cbeac29b65d2b9061daed8941 (diff)