Revert optimization from circa 2.0.34 that caused very long vhost id's

to be unusable with mod_ssl.

PR: 8572

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94881 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/mod_ssl.c b/mod_ssl.c
index c1a0c27163517b049b692ac44205e676a4bb32b8..64e366d165c09b5a78421f8bbf2b4869f9a058a2 100644 (file)
--- a/mod_ssl.c
+++ b/mod_ssl.c
@@ -279,6 +279,7 @@ static int ssl_hook_pre_connection(conn_rec *c, void *csd)
     SSLSrvConfigRec *sc = mySrvConfig(c->base_server);
     SSL *ssl;
     SSLConnRec *sslconn = myConnConfig(c);
+    char *vhost_md5;
     modssl_ctx_t *mctx;
 
     /*
@@ -334,12 +335,13 @@ static int ssl_hook_pre_connection(conn_rec *c, void *csd)
         return DECLINED; /* XXX */
     }
 
-    if (!SSL_set_session_id_context(ssl,
-                                    (unsigned char *)sc->vhost_id,
-                                    sc->vhost_id_len))
+    vhost_md5 = ap_md5_binary(c->pool, sc->vhost_id, sc->vhost_id_len);
+
+    if (!SSL_set_session_id_context(ssl, (unsigned char *)vhost_md5,
+                                    MD5_DIGESTSIZE*2))
     {
         ssl_log(c->base_server, SSL_LOG_ERROR|SSL_ADD_SSLERR,
-                "Unable to set session id context to `%s'", sc->vhost_id);
+                "Unable to set session id context to `%s'", vhost_md5);
 
         c->aborted = 1;