From 673eadec2c9032e938040d5eba241baed30d2c10 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Bodo=20M=C3=B6ller?= Date: Mon, 17 May 1999 11:15:49 +0000 Subject: [PATCH] Additional, more descriptive error message for rejection of a session ID because of missing session ID context (so that application programmers are directly pointed to what they should do differently). --- ssl/ssl.h | 1 + ssl/ssl_err.c | 1 + ssl/ssl_sess.c | 6 +++++- 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/ssl/ssl.h b/ssl/ssl.h index 1df253cd28..8983cf97fa 100644 --- a/ssl/ssl.h +++ b/ssl/ssl.h @@ -1365,6 +1365,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216 #define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217 #define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218 +#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 #define SSL_R_SHORT_READ 219 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 358abef1e6..3ddc805b53 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -318,6 +318,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"}, {SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"}, {SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"}, +{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED ,"session id context uninitialized"}, {SSL_R_SHORT_READ ,"short read"}, {SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, {SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"}, diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 259725c7a1..cac408c38e 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -225,7 +225,11 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len) && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length))) { - SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); + if (s->sid_ctx_length) + SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); + else + /* application should have used SSL[_CTX]_set_session_id_context */ + SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED); return 0; } -- 2.34.1