Commit b40b9895 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

I simplified the SSL session id re-use code now to *always* ditch the previous 

one and store the current one, as it makes the code less complex and I'm not
even sure I can check for the same session id using memcmp() like that.
parent 5eba93c4

lib/gtls.c

+3 −11
Original line number Diff line number Diff line
@@ -604,18 +604,10 @@ Curl_gtls_connect(struct connectdata *conn, 
      /* extract session ID to the allocated buffer */

      gnutls_session_get_data(session, connect_sessionid, &connect_idsize);



      if(ssl_sessionid &&

         ((connect_idsize != ssl_idsize) ||

          memcmp(connect_sessionid, ssl_sessionid, ssl_idsize)))

        /* there was one before in the cache, but without the same size or

           with different contents so delete the old one */

      if(ssl_sessionid)

        /* there was one before in the cache, so instead of risking that the

           previous one was rejected, we just kill that and store the new */

        Curl_ssl_delsessionid(conn, ssl_sessionid);

      else if(ssl_sessionid) {

        /* it was in the cache and its the same one now, just leave it */

        free(connect_sessionid);

        return CURLE_OK;

      }





      /* store this session id */

      return Curl_ssl_addsessionid(conn, connect_sessionid, connect_idsize);