Further BUILDENV refinement, further fool-proofing of Makefiles and

[openssl.git] / ssl / ssl_sess.c

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index cf49fde160b9d17adeec06e176512d1ba51dcf2a..5d00a98a7404567efbe11fef423173eef85dbe0d 100644 (file)
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -148,7 +148,8 @@ static int def_generate_session_id(const SSL *ssl, unsigned char *id,
 {
        unsigned int retry = 0;
        do
-               RAND_pseudo_bytes(id, *id_len);
+               if (RAND_pseudo_bytes(id, *id_len) <= 0)
+                       return 0;
        while(SSL_has_matching_session_id(ssl, id, *id_len) &&
                (++retry < MAX_SESS_ID_ATTEMPTS));
        if(retry < MAX_SESS_ID_ATTEMPTS)
@@ -204,6 +205,11 @@ int ssl_get_new_session(SSL *s, int session)
                        ss->ssl_version=TLS1_VERSION;
                        ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
                        }
+               else if (s->version == DTLS1_VERSION)
+                       {
+                       ss->ssl_version=DTLS1_VERSION;
+                       ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+                       }
                else
                        {
                        SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);