This commit was manufactured by cvs2svn to create branch

[oweals/openssl.git] / ssl / ssl_sess.c

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 6ca808331f7708afd612f9e456032fbf8338b85e..5f12aa361c148d8be3b5b8c0f3f9d5dcdc1a1f08 100644 (file)
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -126,13 +126,6 @@ SSL_SESSION *SSL_SESSION_new(void)
        return(ss);
        }
 
-const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
-       {
-       if(len)
-               *len = s->session_id_length;
-       return s->session_id;
-       }
-
 /* Even with SSLv2, we have 16 bytes (128 bits) of session ID space. SSLv3/TLSv1
  * has 32 bytes (256 bits). As such, filling the ID with random gunk repeatedly
  * until we have no conflict is going to complete in one iteration pretty much
@@ -148,7 +141,8 @@ static int def_generate_session_id(const SSL *ssl, unsigned char *id,
 {
        unsigned int retry = 0;
        do
-               RAND_pseudo_bytes(id, *id_len);
+               if(RAND_pseudo_bytes(id, *id_len) <= 0)
+                       return 0;
        while(SSL_has_matching_session_id(ssl, id, *id_len) &&
                (++retry < MAX_SESS_ID_ATTEMPTS));
        if(retry < MAX_SESS_ID_ATTEMPTS)
@@ -204,11 +198,6 @@ int ssl_get_new_session(SSL *s, int session)
                        ss->ssl_version=TLS1_VERSION;
                        ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
                        }
-               else if (s->version == DTLS1_VERSION)
-                       {
-                       ss->ssl_version=DTLS1_VERSION;
-                       ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
-                       }
                else
                        {
                        SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);