projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix wrong handling of session ID in SSLv2 client code.
[openssl.git] / ssl / s2_clnt.c
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index 0bc04d284e83060164cc2a429ca23d686761c20b..c6319bb63da68cb4fa282f93eca2c5db274508b6 100644 (file)
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -1014,7 +1014,7 @@ static int get_server_finished(SSL *s)
                 * or bad things can happen */
                /* ZZZZZZZZZZZZZ */
                s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
-               memcpy(s->session->session_id,p,SSL2_SSL_SESSION_ID_LENGTH);
+               memcpy(s->session->session_id,p+1,SSL2_SSL_SESSION_ID_LENGTH);
                }
        else
                {
Unnamed repository; edit this file 'description' to name the repository.