Skip to content
Commit 947f3156 authored by Kurt Roeckx's avatar Kurt Roeckx
Browse files

Initialize the session_id



ssl_session_hash() always looks at the first 4 bytes, regardless of the length.
A client can send a session id that's shorter, and the callback could also
generate one that's shorter.  So we make sure that the rest of the buffer is
initliazed to 0 so that we always calculate the same hash.

Found by tis-interpreter, also previously reported as RT #2871

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>

MR: #2911
parent b2e8bd7b
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment