Skip to content
  1. Feb 27, 2001
  2. Feb 26, 2001
  3. Feb 25, 2001
  4. Feb 24, 2001
  5. Feb 23, 2001
  6. Feb 22, 2001
  7. Feb 21, 2001
    • Geoff Thorpe's avatar
      If a callback is generating a new session ID for SSLv2, then upon exiting, · ec0f1959
      Geoff Thorpe authored
      the ID will be padded out to 16 bytes if the callback attempted to generate
      a shorter one. The problem is that the uniqueness checking function used in
      callbacks may mistakenly think a 9-byte ID is unique when in fact its
      padded 16-byte version is not. This makes the checking function detect
      SSLv2 cases, and ensures the padded form is checked rather than the shorter
      one passed by the callback.
      ec0f1959