/* This is used only by servers. */
SSL_SESSION *ret=NULL,data;
- int copy=1;
/* conn_init();*/
data.ssl_version=s->version;
if (ret == NULL)
{
+ int copy=1;
+
s->ctx->stats.sess_miss++;
ret=NULL;
if (s->ctx->get_session_cb != NULL
/* The following should not return 1, otherwise,
* things are very strange */
SSL_CTX_add_session(s->ctx,ret);
+ /* auto free it (decrement reference count now) */
+ if (!copy)
+ SSL_SESSION_free(ret);
}
if (ret == NULL) return(0);
}
&& (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
|| memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
{
- SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
+ if (s->sid_ctx_length)
+ SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
+ else
+ /* application should have used SSL[_CTX]_set_session_id_context */
+ SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
return 0;
}
- /* auto free it */
- if (!copy)
- SSL_SESSION_free(ret);
-
if (ret->cipher == NULL)
{
unsigned char buf[5],*p;