wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix SSL_CTX_set_session_id_context() docs

Browse source 
Also, use define rather than sizeof

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9377)
This commit is contained in:
Todd Short 2019-07-15 09:55:13 -04:00 committed by Matt Caswell
parent c17d60ea29
commit fe9edc9d39
2 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
doc/man3/SSL_CTX_set_session_id_context.pod
View file

@ -42,7 +42,7 @@ OpenSSL clients will check the session id context returned by the server
when reusing a session. when reusing a session.
The maximum length of the B<sid_ctx> is limited to The maximum length of the B<sid_ctx> is limited to
B<SSL_MAX_SSL_SESSION_ID_LENGTH>. B<SSL_MAX_SID_CTX_LENGTH>.
=head1 WARNINGS =head1 WARNINGS
@ -67,7 +67,7 @@ return the following values:
=item Z<>0 =item Z<>0
The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error the maximum allowed length of B<SSL_MAX_SID_CTX_LENGTH>. The error
is logged to the error stack. is logged to the error stack.
=item Z<>1 =item Z<>1

2
ssl/ssl_lib.c
View file

@ -877,7 +877,7 @@ int SSL_up_ref(SSL *s)
int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
unsigned int sid_ctx_len) unsigned int sid_ctx_len)
{ {
if (sid_ctx_len > sizeof(ctx->sid_ctx)) { if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT, SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
return 0; return 0;