Don't send zero length session ID if stateless session resupmtion is

[openssl.git] / ssl / d1_enc.c

diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c
index 42997eaee99015cead88707fe4af3955c1c52deb..ea5e12ee070e666c125add33a9dd780fbe464740 100644 (file)
--- a/ssl/d1_enc.c
+++ b/ssl/d1_enc.c
@@ -120,7 +120,9 @@
 #include <openssl/hmac.h>
 #include <openssl/md5.h>
 #include <openssl/rand.h>
-
+#ifdef KSSL_DEBUG
+#include <openssl/des.h>
+#endif
 
 int dtls1_enc(SSL *s, int send)
        {
@@ -132,8 +134,8 @@ int dtls1_enc(SSL *s, int send)
 
        if (send)
                {
-               if (s->write_hash != NULL)
-                       n=EVP_MD_size(s->write_hash);
+               if (EVP_MD_CTX_md(s->write_hash))
+                       n=EVP_MD_CTX_size(s->write_hash);
                ds=s->enc_write_ctx;
                rec= &(s->s3->wrec);
                if (s->enc_write_ctx == NULL)
@@ -146,13 +148,16 @@ int dtls1_enc(SSL *s, int send)
                                fprintf(stderr, "%s:%d: rec->data != rec->input\n",
                                        __FILE__, __LINE__);
                        else if ( EVP_CIPHER_block_size(ds->cipher) > 1)
-                               RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher));
+                               {
+                               if (!RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher)))
+                                       return -1;
+                               }
                        }
                }
        else
                {
-               if (s->read_hash != NULL)
-                       n=EVP_MD_size(s->read_hash);
+               if (EVP_MD_CTX_md(s->read_hash))
+                       n=EVP_MD_CTX_size(s->read_hash);
                ds=s->enc_read_ctx;
                rec= &(s->s3->rrec);
                if (s->enc_read_ctx == NULL)