diff --git a/ssl/ssl.h b/ssl/ssl.h index 1df253cd28dc8e7e82d08d1c2f5592d59589e8c6..8983cf97fa600ffe9bf76e5e9d91733179f62da4 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -1365,6 +1365,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216 #define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217 #define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218 +#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 #define SSL_R_SHORT_READ 219 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 358abef1e6fe2691a3df930c20096d0b7c2a5705..3ddc805b537067cb2445b0210486900972626882 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -318,6 +318,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"}, {SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"}, {SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"}, +{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED ,"session id context uninitialized"}, {SSL_R_SHORT_READ ,"short read"}, {SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, {SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"}, diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 259725c7a10f10ec1fb74f63e21f56f46f941f64..cac408c38e805689c102f6a7c71accfc2d409fec 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -225,7 +225,11 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len) && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length))) { - SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); + if (s->sid_ctx_length) + SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); + else + /* application should have used SSL[_CTX]_set_session_id_context */ + SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED); return 0; }