Don't send zero length session ID if stateless session resupmtion is

[openssl.git] / ssl / s2_pkt.c

diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index cf0aee2bd696dd7352fc2316835c4c97cce862d1..e6d5d09643ba2c0f0f1f336c3341a50191825353 100644 (file)
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -246,7 +246,8 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
                        }
                else
                        {
-                       mac_size=EVP_MD_size(s->read_hash);
+                       mac_size=EVP_MD_CTX_size(s->read_hash);
+                       OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
                        s->s2->mac_data=p;
                        s->s2->ract_data= &p[mac_size];
                        if (s->s2->padding + mac_size > s->s2->rlength)
@@ -528,7 +529,7 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
        if (s->s2->clear_text)
                mac_size=0;
        else
-               mac_size=EVP_MD_size(s->write_hash);
+               mac_size=EVP_MD_CTX_size(s->write_hash);
 
        /* lets set the pad p */
        if (s->s2->clear_text)