Additional, more descriptive error message for rejection of a session ID
authorBodo Möller <bodo@openssl.org>
Mon, 17 May 1999 11:15:49 +0000 (11:15 +0000)
committerBodo Möller <bodo@openssl.org>
Mon, 17 May 1999 11:15:49 +0000 (11:15 +0000)
because of missing session ID context (so that application programmers
are directly pointed to what they should do differently).

ssl/ssl.h
ssl/ssl_err.c
ssl/ssl_sess.c

index 1df253c..8983cf9 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1365,6 +1365,7 @@ int SSL_COMP_add_compression_method(int id,char *cm);
 #define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO                216
 #define SSL_R_REUSE_CERT_TYPE_NOT_ZERO                  217
 #define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO                218
+#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED          277
 #define SSL_R_SHORT_READ                                219
 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE     220
 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE              221
index 358abef..3ddc805 100644 (file)
@@ -318,6 +318,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {SSL_R_REUSE_CERT_LENGTH_NOT_ZERO        ,"reuse cert length not zero"},
 {SSL_R_REUSE_CERT_TYPE_NOT_ZERO          ,"reuse cert type not zero"},
 {SSL_R_REUSE_CIPHER_LIST_NOT_ZERO        ,"reuse cipher list not zero"},
+{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED  ,"session id context uninitialized"},
 {SSL_R_SHORT_READ                        ,"short read"},
 {SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
 {SSL_R_SSL23_DOING_SESSION_ID_REUSE      ,"ssl23 doing session id reuse"},
index 259725c..cac408c 100644 (file)
@@ -225,7 +225,11 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
           && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length
               || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length)))
            {
-           SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
+               if (s->sid_ctx_length)
+                       SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
+               else
+                       /* application should have used SSL[_CTX]_set_session_id_context */
+                       SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
            return 0;
            }