mirror of https://github.com/moparisthebest/curl
openssl: remove SSL_get_session()-using code
It was present for OpenSSL 0.9.5 code but we only support 0.9.7 or later.
This commit is contained in:
Daniel Stenberg
parent
fc16d9cec8
commit
ccfdd5986c
|
|
@ -83,12 +83,6 @@
|
|||
#error "OPENSSL_VERSION_NUMBER not defined"
|
||||
#endif
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x0090581fL
|
||||
#define HAVE_SSL_GET1_SESSION 1
|
||||
#else
|
||||
#undef HAVE_SSL_GET1_SESSION
|
||||
#endif
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x00904100L
|
||||
#define HAVE_USERDATA_IN_PWD_CALLBACK 1
|
||||
#else
|
||||
|
|
@ -2814,25 +2808,11 @@ static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex)
|
|||
|
||||
DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
|
||||
|
||||
#ifdef HAVE_SSL_GET1_SESSION
|
||||
our_ssl_sessionid = SSL_get1_session(connssl->handle);
|
||||
|
||||
/* SSL_get1_session() will increment the reference
|
||||
count and the session will stay in memory until explicitly freed with
|
||||
SSL_SESSION_free(3), regardless of its state.
|
||||
This function was introduced in openssl 0.9.5a. */
|
||||
#else
|
||||
our_ssl_sessionid = SSL_get_session(connssl->handle);
|
||||
|
||||
/* if SSL_get1_session() is unavailable, use SSL_get_session().
|
||||
This is an inferior option because the session can be flushed
|
||||
at any time by openssl. It is included only so curl compiles
|
||||
under versions of openssl < 0.9.5a.
|
||||
|
||||
WARNING: How curl behaves if it's session is flushed is
|
||||
untested.
|
||||
*/
|
||||
#endif
|
||||
/* SSL_get1_session() will increment the reference count and the session
|
||||
will stay in memory until explicitly freed with SSL_SESSION_free(3),
|
||||
regardless of its state. */
|
||||
|
||||
incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL));
|
||||
if(incache) {
|
||||
|
|
@ -2851,7 +2831,6 @@ static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex)
|
|||
return result;
|
||||
}
|
||||
}
|
||||
#ifdef HAVE_SSL_GET1_SESSION
|
||||
else {
|
||||
/* Session was incache, so refcount already incremented earlier.
|
||||
* Avoid further increments with each SSL_get1_session() call.
|
||||
|
|
@ -2859,7 +2838,6 @@ static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex)
|
|||
*/
|
||||
SSL_SESSION_free(our_ssl_sessionid);
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* We check certificates to authenticate the server; otherwise we risk
|
||||
|
|
|
|||
Loading…
Reference in New Issue