diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 7864f2f7b00038c7e346c2cf738b45e2b9643217..0e372f5843c6ef44bffa50c99bde802d848be0b0 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -311,6 +311,17 @@ int SSL_CTX_has_matching_session_id(const SSL_CTX *ctx, const unsigned char *id,
 	r.ssl_version = ctx->method->version;
 	r.session_id_length = id_len;
 	memcpy(r.session_id, id, id_len);
+	/* NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
+	 * callback is calling us to check the uniqueness of a shorter ID, it
+	 * must be compared as a padded-out ID because that is what it will be
+	 * converted to when the callback has finished choosing it. */
+	if((r.ssl_version == SSL2_VERSION) &&
+			(id_len < SSL2_SSL_SESSION_ID_LENGTH))
+		{
+		memset(r.session_id + id_len, 0,
+			SSL2_SSL_SESSION_ID_LENGTH - id_len);
+		r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
+		}
 
 	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
 	p = (SSL_SESSION *)lh_retrieve(ctx->sessions, &r);