Do not lookup zero-length session ID

A condition was removed by commit 1053a6e2281d; presumably it was an unintended change. Restore the previous behavior so the get_session_cb won't be called with zero-length session ID. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4236)
author: Kazuki Yamaguchi <k@rhe.jp> 2017-03-31 22:52:56 +0900
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2017-08-25 14:36:07 +0200
commit: 0afca8113e81e8cd6f0f891f7f6ebfc5f14489db (patch)
tree: 72028e6edfdd461cbbac02c9e0e70bb558b4818e /ssl
parent: 0139ce7c92f5570ce1513cfe776df94460842ce0 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 7336251210..efba7077ae 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -491,7 +491,8 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello, int *al)
             goto err;
         case TICKET_NONE:
         case TICKET_EMPTY:
-            try_session_cache = 1;
+            if (hello->session_id_len > 0)
+                try_session_cache = 1;
             break;
         case TICKET_NO_DECRYPT:
         case TICKET_SUCCESS:
author	Kazuki Yamaguchi <k@rhe.jp>	2017-03-31 22:52:56 +0900
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2017-08-25 14:36:07 +0200
commit	0afca8113e81e8cd6f0f891f7f6ebfc5f14489db (patch)
tree	72028e6edfdd461cbbac02c9e0e70bb558b4818e /ssl
parent	0139ce7c92f5570ce1513cfe776df94460842ce0 (diff)