cURL
Haxx ad
libcurl
Mailing Lists

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-tracker mailing list Archives

[ curl-Bugs-1842029 ] SSL session ID cache not working

From: SourceForge.net <noreply_at_sourceforge.net>
Date: Mon, 03 Dec 2007 03:47:48 -0800

Bugs item #1842029, was opened at 2007-12-01 01:39
Message generated for change (Comment added) made by bagder
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=1842029&group_id=976

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: libcurl
Group: wrong behaviour
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: pekowski (pekowski)
Assigned to: Daniel Stenberg (bagder)
Summary: SSL session ID cache not working

Initial Comment:
The SSL session ID cache is not working. I discovered that the sessionid variable was always set to 0 (FALSE). I found that this is due to not being part of the Curl_clone_config routine in lib/sslgen.c.

Here is the beginning of the corrected routine with my initials on the added line:

bool
Curl_clone_ssl_config(struct ssl_config_data *source,
                      struct ssl_config_data *dest)
{
  dest->sessionid = source->sessionid; /*RPP*/
  dest->verifyhost = source->verifyhost;
  dest->verifypeer = source->verifypeer;
  dest->version = source->version;
...

In addition, it would probably be a good idea to update the Curl_ssl_config_mathes routine as follows (again my initials are on the added line):

bool
Curl_ssl_config_matches(struct ssl_config_data* data,
                        struct ssl_config_data* needle)
{
  if((data->version == needle->version) &&
     (data->sessionid == needle->sessionid) && /*RPP*/
     (data->verifypeer == needle->verifypeer) &&
     (data->verifyhost == needle->verifyhost) &&
     safe_strequal(data->CApath, needle->CApath) &&
     safe_strequal(data->CAfile, needle->CAfile) &&
     safe_strequal(data->random_file, needle->random_file) &&
     safe_strequal(data->egdsocket, needle->egdsocket) &&
     safe_strequal(data->cipher_list, needle->cipher_list))
    return TRUE;

  return FALSE;
}

----------------------------------------------------------------------

>Comment By: Daniel Stenberg (bagder)
Date: 2007-12-03 12:47

Message:
Logged In: YES
user_id=1110
Originator: NO

Thanks a lot!

The first fix is no doubt correct, but I don't think the second is
necessary since it'll use that to check for the id in the cache and it
shouldn't be there unless cache is requested...

BTW, "diff -u" is a much better output to use to provide
patches/improvemens with!

If you give me your full name I'll give you proper credit for this fix in
the changelog.

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=1842029&group_id=976
Received on 2007-12-03

These mail archives are generated by hypermail.

donate! Page updated November 12, 2010.
web site info

File upload with ASP.NET