+ /* We've found the session named by the client, but we don't
+ * want to use it in this context. */
+
+ if (s->sid_ctx_length == 0)
+ {
+ /* application should have used SSL[_CTX]_set_session_id_context
+ * -- we could tolerate this and just pretend we never heard
+ * of this session, but then applications could effectively
+ * disable the session cache by accident without anyone noticing */
+
+ SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
+ fatal = 1;
+ goto err;
+ }
+ else
+ {
+#if 0 /* The client cannot always know when a session is not appropriate,
+ * so we shouldn't generate an error message. */