From 7b2d62f4f7b3c4fead0467f55186e2af2e5e9b33 Mon Sep 17 00:00:00 2001
From: toddouska
Date: Fri, 11 May 2012 12:21:17 -0700
Subject: [PATCH] don't compare session id if server rejects
---
configure.ac | 2 +-
src/internal.c | 6 ++++--
src/ssl.c | 10 ++++++++--
3 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/configure.ac b/configure.ac
index 5b99a8059..38d149b0c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -199,7 +199,7 @@ AC_ARG_ENABLE(bump, if test "$ENABLED_BUMP" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192 -DCYASSL_DER_LOAD -DCYASSL_ALT_NAMES" + AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192 -DCYASSL_DER_LOAD -DCYASSL_ALT_NAMES -DCYASSL_TEST_CERT" fi # fastmath
diff --git a/src/internal.c b/src/internal.c
index c387e0dba..bfe2a9ddf 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -4150,6 +4150,7 @@ int SetCipherList(Suites* s, const char* list) byte compression; ProtocolVersion pv; word32 i = *inOutIdx; + int serverResumption = 0; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("ServerHello", &ssl->handShakeInfo);
@@ -4191,6 +4192,7 @@ int SetCipherList(Suites* s, const char* list) if (b) { XMEMCPY(ssl->arrays.sessionID, input + i, b); i += b; + serverResumption = 1; } ssl->options.cipherSuite0 = input[i++]; ssl->options.cipherSuite = input[i++];
@@ -4206,8 +4208,8 @@ int SetCipherList(Suites* s, const char* list) *inOutIdx = i; if (ssl->options.resuming) { - if (XMEMCMP(ssl->arrays.sessionID, ssl->session.sessionID, ID_LEN) - == 0) { + if (serverResumption && XMEMCMP(ssl->arrays.sessionID, + ssl->session.sessionID, ID_LEN) == 0) { if (SetCipherSpecs(ssl) == 0) { int ret; XMEMCPY(ssl->arrays.masterSecret, ssl->session.masterSecret,
diff --git a/src/ssl.c b/src/ssl.c
index 8197c19dc..f353ccd03 100644
--- a/src/ssl.c
+++ b/src/ssl.c
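Review bot: The `-DCYASSL_TEST_CERT` define added to the `ENABLED_BUMP` flags in configure.ac is not mentioned in the commit message, which is only about session-id comparison. The name suggests it switches on certificate test code; if so, it should be confirmed that a bump build is meant to carry that code. A one-line comment above the assignment, e.g. `# CYASSL_TEST_CERT: <what it enables and why the bump build needs it>`, would record the reason.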
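Review bot: In the src/internal.c hunk at -4191, `serverResumption = 1` is set for any non-zero `b`, but the comparison in the -4206 hunk still covers a full `ID_LEN` bytes, so a server id shorter than `ID_LEN` would be compared partly against whatever `ssl->arrays.sessionID` held before. Nothing visible in the hunk bounds `b` before `XMEMCPY(ssl->arrays.sessionID, input + i, b)` either; `b` appears to be a length taken from the peer's ServerHello, and any check on it would sit above the hunk, outside what is shown. Setting the flag only for a full-length id, `if (b == ID_LEN) serverResumption = 1;`, and rejecting `b > ID_LEN` before the copy would close both gaps. The enclosing function starts and ends outside these hunks.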
@@ -1745,7 +1745,10 @@ void CyaSSL_CTX_SetCACb(CYASSL_CTX* ctx, CallbackCACache cb) CYASSL_SESSION* CyaSSL_get_session(CYASSL* ssl) { CYASSL_ENTER("SSL_get_session"); - return GetSession(ssl, 0); + if (ssl) + return GetSession(ssl, 0); + + return NULL; }
@@ -7385,7 +7388,10 @@ int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN* chain, int idx, const byte* CyaSSL_get_sessionID(const CYASSL_SESSION* session) { CYASSL_ENTER("CyaSSL_get_sessionID"); - return session->sessionID; + if (session) + return session->sessionID; + + return NULL; }
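Review bot: The NULL return that `CyaSSL_get_session` (hunk at -1745) and `CyaSSL_get_sessionID` (hunk at -7385) now give for a NULL argument is not documented anywhere in the visible lines. A caller that reads `ID_LEN` bytes through the pointer returned by `CyaSSL_get_sessionID` has to test it for NULL first. A short comment above each function, e.g. `/* returns NULL if session is NULL */` and `/* returns NULL if ssl is NULL */`, would make that contract visible at the definition.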