The SSL session ID cache is not working. I discovered that the sessionid variable was always set to 0 (FALSE). I found that this is due to not being part of the Curl_clone_config routine in lib/sslgen.c.
Here is the beginning of the corrected routine with my initials on the added line:
bool
Curl_clone_ssl_config(struct ssl_config_data *source,
struct ssl_config_data *dest)
{
dest->sessionid = source->sessionid; /*RPP*/
dest->verifyhost = source->verifyhost;
dest->verifypeer = source->verifypeer;
dest->version = source->version;
...
In addition, it would probably be a good idea to update the Curl_ssl_config_mathes routine as follows (again my initials are on the added line):
bool
Curl_ssl_config_matches(struct ssl_config_data* data,
struct ssl_config_data* needle)
{
if((data->version == needle->version) &&
(data->sessionid == needle->sessionid) && /*RPP*/
(data->verifypeer == needle->verifypeer) &&
(data->verifyhost == needle->verifyhost) &&
safe_strequal(data->CApath, needle->CApath) &&
safe_strequal(data->CAfile, needle->CAfile) &&
safe_strequal(data->random_file, needle->random_file) &&
safe_strequal(data->egdsocket, needle->egdsocket) &&
safe_strequal(data->cipher_list, needle->cipher_list))
return TRUE;
return FALSE;
}
Logged In: YES
user_id=1110
Originator: NO
Thanks a lot!
The first fix is no doubt correct, but I don't think the second is necessary since it'll use that to check for the id in the cache and it shouldn't be there unless cache is requested...
BTW, "diff -u" is a much better output to use to provide patches/improvemens with!
If you give me your full name I'll give you proper credit for this fix in the changelog.
Logged In: YES
user_id=1949539
Originator: YES
Good point about the Curl_ssl_config_matches() function. Agreed, the change isn't necessary :-). You can put my name in the change log as Ray Pekowski. That would be cool. And thanks for this awesome tool. We plan to make heavy use of it. Some of the reasons are that is has the functionality we need like being able to control SSL sessions and we have the source. Now that I've taken a look at the souce I'm very happy with how well written it is. I think we made a good choice.