From: Dr. Stephen Henson Date: Fri, 25 Apr 2008 16:27:25 +0000 (+0000) Subject: Fix from HEAD. X-Git-Tag: OpenSSL_0_9_8h~34 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d3eef3e5afc806ba61ca1b6a1af456b24363eda8;p=openssl Fix from HEAD. --- diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index a686718b36..b83a8d7da4 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1115,8 +1115,16 @@ int ssl3_send_server_hello(SSL *s) * session-id if we want it to be single use. * Currently I will not implement the '0' length session-id * 12-Jan-98 - I'll now support the '0' length stuff. + * + * We also have an additional case where stateless session + * resumption is successful: we always send back the old + * session id. In this case s->hit is non zero: this can + * only happen if stateless session resumption is succesful + * if session caching is disabled so existing functionality + * is unaffected. */ - if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)) + if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER) + && !s->hit) s->session->session_id_length=0; sl=s->session->session_id_length;
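Review bot: The added `&& !s->hit` test in ssl3_send_server_hello() depends on an invariant that only the new comment states: with SSL_SESS_CACHE_SERVER cleared, s->hit can be non-zero only after a successful stateless resumption. Nothing in this hunk enforces that, so if any other path sets s->hit while server caching is disabled, the server would send back a session id where it previously sent a zero-length one. The comment should name where that invariant is established so a later change does not break it silently. The sentence "this can only happen if stateless session resumption is succesful if session caching is disabled" also reads ambiguously and misspells "successful"; wording such as "with session caching disabled, s->hit can only be non-zero after a successful stateless resumption" would be clearer. The commit message "Fix from HEAD." does not say what is fixed; a one-line summary of the session-id behaviour would help anyone reading the branch history.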