Fix SSL_CTX_set_session_id_context() docs

Also, use define rather than sizeof Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9377)
2019-07-15 09:55:13 -04:00 · 2019-07-15 09:55:13 -04:00 · fe9edc9d39
commit fe9edc9d39
parent c17d60ea29
2 changed files with 3 additions and 3 deletions
--- a/doc/man3/SSL_CTX_set_session_id_context.pod
+++ b/doc/man3/SSL_CTX_set_session_id_context.pod
@ -42,7 +42,7 @@ OpenSSL clients will check the session id context returned by the server
 when reusing a session.

 The maximum length of the B<sid_ctx> is limited to
-B<SSL_MAX_SSL_SESSION_ID_LENGTH>.
+B<SSL_MAX_SID_CTX_LENGTH>.

 =head1 WARNINGS

@ -67,7 +67,7 @@ return the following values:
 =item Z<>0

 The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
-the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
+the maximum allowed length of B<SSL_MAX_SID_CTX_LENGTH>. The error
 is logged to the error stack.

 =item Z<>1
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@ -877,7 +877,7 @@ int SSL_up_ref(SSL *s)
 int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
                                   unsigned int sid_ctx_len)
 {
-    if (sid_ctx_len > sizeof(ctx->sid_ctx)) {
+    if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
        SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
        return 0;