Return null SSL session on zero length array

commit: dc327dfe21ace9e3f80ff3a0faa0a4597cf6a4a4 [log] [tgz]
author: remm <remm@apache.org> Mon Oct 07 11:08:31 2024 +0200
committer: remm <remm@apache.org> Mon Oct 07 11:08:31 2024 +0200
tree: 94248281a6fc13ac89f1d0c102423731124ac81d
parent: ce6605978583d180e4b888e59ad318e8fa9f9d29 [diff]
diff --git a/java/org/apache/tomcat/util/net/jsse/JSSESupport.java b/java/org/apache/tomcat/util/net/jsse/JSSESupport.java
index 059cf77..d4438f6 100644
--- a/java/org/apache/tomcat/util/net/jsse/JSSESupport.java
+++ b/java/org/apache/tomcat/util/net/jsse/JSSESupport.java

@@ -170,7 +170,7 @@
         }
         // Expose ssl_session (getId)
         byte [] ssl_session = session.getId();
-        if ( ssl_session == null) {
+        if (ssl_session == null || ssl_session.length == 0) {
             return null;
         }
         StringBuilder buf=new StringBuilder();
commit	dc327dfe21ace9e3f80ff3a0faa0a4597cf6a4a4	[log] [tgz]
author	remm <remm@apache.org>	Mon Oct 07 11:08:31 2024 +0200
committer	remm <remm@apache.org>	Mon Oct 07 11:08:31 2024 +0200
tree	94248281a6fc13ac89f1d0c102423731124ac81d
parent	ce6605978583d180e4b888e59ad318e8fa9f9d29 [diff]