I simplified the SSL session id re-use code now to *always* ditch the previous

one and store the current one, as it makes the code less complex and I'm not even sure I can check for the same session id using memcmp() like that.
2024-12-22 08:08:50 -05:00 · 2009-05-05 08:33:29 +00:00 · 2009-05-05 08:33:29 +00:00 · b40b989523
commit b40b989523
parent 5eba93c4e7
1 changed files with 3 additions and 11 deletions
--- a/lib/gtls.c
+++ b/lib/gtls.c
@ -604,18 +604,10 @@ Curl_gtls_connect(struct connectdata *conn,
      /* extract session ID to the allocated buffer */
      gnutls_session_get_data(session, connect_sessionid, &connect_idsize);

-      if(ssl_sessionid &&
-         ((connect_idsize != ssl_idsize) ||
-          memcmp(connect_sessionid, ssl_sessionid, ssl_idsize)))
-        /* there was one before in the cache, but without the same size or
-           with different contents so delete the old one */
+      if(ssl_sessionid)
+        /* there was one before in the cache, so instead of risking that the
+           previous one was rejected, we just kill that and store the new */
        Curl_ssl_delsessionid(conn, ssl_sessionid);
-      else if(ssl_sessionid) {
-        /* it was in the cache and its the same one now, just leave it */
-        free(connect_sessionid);
-        return CURLE_OK;
-      }
-

      /* store this session id */
      return Curl_ssl_addsessionid(conn, connect_sessionid, connect_idsize);