From 465c7208cc0cb3f2715d66a1b90c0ea501627eb4 Mon Sep 17 00:00:00 2001
From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Wed, 22 Mar 2017 21:33:31 +0900
Subject: [PATCH] nghttpx: Don't look up session ID if length is 0

---
 src/shrpx_ssl.cc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/shrpx_ssl.cc b/src/shrpx_ssl.cc
index 56280faa..5f8a3691 100644
--- a/src/shrpx_ssl.cc
+++ b/src/shrpx_ssl.cc
@@ -323,6 +323,10 @@ SSL_SESSION *tls_session_get_cb(SSL *ssl,
   auto dispatcher = worker->get_session_cache_memcached_dispatcher();
   auto &balloc = handler->get_block_allocator();
 
+  if (idlen == 0) {
+    return nullptr;
+  }
+
   if (conn->tls.cached_session) {
     if (LOG_ENABLED(INFO)) {
       LOG(INFO) << "Memcached: found cached session, id="