moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-11-16 06:25:03 -05:00
Code Issues Releases Wiki Activity

openssl: remove SSL_get_session()-using code

Browse Source 
It was present for OpenSSL 0.9.5 code but we only support 0.9.7 or
later.
This commit is contained in:
Daniel Stenberg 2015-06-05 00:09:25 +02:00
parent fc16d9cec8
commit ccfdd5986c
1 changed files with 3 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
lib/vtls/openssl.c
View File

@ -83,12 +83,6 @@
#error "OPENSSL_VERSION_NUMBER not defined" #error "OPENSSL_VERSION_NUMBER not defined"
#endif #endif
#if OPENSSL_VERSION_NUMBER >= 0x0090581fL
#define HAVE_SSL_GET1_SESSION 1
#else
#undef HAVE_SSL_GET1_SESSION
#endif
#if OPENSSL_VERSION_NUMBER >= 0x00904100L #if OPENSSL_VERSION_NUMBER >= 0x00904100L
#define HAVE_USERDATA_IN_PWD_CALLBACK 1 #define HAVE_USERDATA_IN_PWD_CALLBACK 1
#else #else
@ -2814,25 +2808,11 @@ static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex)
DEBUGASSERT(ssl_connect_3 == connssl->connecting_state); DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
#ifdef HAVE_SSL_GET1_SESSION
our_ssl_sessionid = SSL_get1_session(connssl->handle); our_ssl_sessionid = SSL_get1_session(connssl->handle);
/* SSL_get1_session() will increment the reference /* SSL_get1_session() will increment the reference count and the session
count and the session will stay in memory until explicitly freed with will stay in memory until explicitly freed with SSL_SESSION_free(3),
SSL_SESSION_free(3), regardless of its state. regardless of its state. */
This function was introduced in openssl 0.9.5a. */
#else
our_ssl_sessionid = SSL_get_session(connssl->handle);
/* if SSL_get1_session() is unavailable, use SSL_get_session().
This is an inferior option because the session can be flushed
at any time by openssl. It is included only so curl compiles
under versions of openssl < 0.9.5a.
WARNING: How curl behaves if it's session is flushed is
untested.
*/
#endif
incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL)); incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL));
if(incache) { if(incache) {
@ -2851,7 +2831,6 @@ static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex)
return result; return result;
} }
} }
#ifdef HAVE_SSL_GET1_SESSION
else { else {
/* Session was incache, so refcount already incremented earlier. /* Session was incache, so refcount already incremented earlier.
* Avoid further increments with each SSL_get1_session() call. * Avoid further increments with each SSL_get1_session() call.
@ -2859,7 +2838,6 @@ static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex)
*/ */
SSL_SESSION_free(our_ssl_sessionid); SSL_SESSION_free(our_ssl_sessionid);
} }
#endif
/* /*
* We check certificates to authenticate the server; otherwise we risk * We check certificates to authenticate the server; otherwise we risk