* or bad things can happen */
/* ZZZZZZZZZZZZZ */
s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
- memcpy(s->session->session_id,p,SSL2_SSL_SESSION_ID_LENGTH);
+ memcpy(s->session->session_id,p+1,SSL2_SSL_SESSION_ID_LENGTH);
}
else
{
if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
{
if ((s->session->session_id_length > sizeof s->session->session_id)
- || (0 != memcmp(buf, s->session->session_id,
+ || (0 != memcmp(buf + 1, s->session->session_id,
(unsigned int)s->session->session_id_length)))
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);