continue;
md = ssl_md(sess->cipher->algorithm2);
- if (md == NULL) {
- /*
- * Don't recognise this cipher so we can't use the session.
- * Ignore it
- */
+ if (md != ssl_md(s->s3->tmp.new_cipher->algorithm2)) {
+ /* The ciphersuite is not compatible with this session. */
SSL_SESSION_free(sess);
sess = NULL;
continue;