Bugs item #1842029, was opened at 2007-11-30 18:39
Message generated for change (Comment added) made by pekowski
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=1842029&group_id=976

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: libcurl
Group: wrong behaviour
Status: Closed
Resolution: Fixed
Priority: 5
Private: No
Submitted By: pekowski (pekowski)
Assigned to: Daniel Stenberg (bagder)
Summary: SSL session ID cache not working

Initial Comment:
The SSL session ID cache is not working. I discovered that the sessionid variable was always set to 0 (FALSE). I found that this is due to not being part of the Curl_clone_config routine in lib/sslgen.c.

Here is the beginning of the corrected routine with my initials on the added line:

bool
Curl_clone_ssl_config(struct ssl_config_data *source,
                      struct ssl_config_data *dest)
{
  dest->sessionid = source->sessionid; /*RPP*/
  dest->verifyhost = source->verifyhost;
  dest->verifypeer = source->verifypeer;
  dest->version = source->version;
...

In addition, it would probably be a good idea to update the Curl_ssl_config_mathes routine as follows (again my initials are on the added line):

bool
Curl_ssl_config_matches(struct ssl_config_data* data,
                        struct ssl_config_data* needle)
{
  if((data->version == needle->version) &&
     (data->sessionid == needle->sessionid) && /*RPP*/
     (data->verifypeer == needle->verifypeer) &&
     (data->verifyhost == needle->verifyhost) &&
     safe_strequal(data->CApath, needle->CApath) &&
     safe_strequal(data->CAfile, needle->CAfile) &&
     safe_strequal(data->random_file, needle->random_file) &&
     safe_strequal(data->egdsocket, needle->egdsocket) &&
     safe_strequal(data->cipher_list, needle->cipher_list))
    return TRUE;

  return FALSE;
}

----------------------------------------------------------------------

>Comment By: pekowski (pekowski)
Date: 2007-12-03 10:29

Message:
Logged In: YES
user_id=1949539
Originator: YES

Good point about the Curl_ssl_config_matches() function. Agreed, the
change isn't necessary :-). You can put my name in the change log as Ray
Pekowski. That would be cool. And thanks for this awesome tool. We plan
to make heavy use of it. Some of the reasons are that is has the
functionality we need like being able to control SSL sessions and we have
the source. Now that I've taken a look at the souce I'm very happy with
how well written it is. I think we made a good choice.

----------------------------------------------------------------------

Comment By: Daniel Stenberg (bagder)
Date: 2007-12-03 05:47

Message:
Logged In: YES
user_id=1110
Originator: NO

Thanks a lot!

The first fix is no doubt correct, but I don't think the second is
necessary since it'll use that to check for the id in the cache and it
shouldn't be there unless cache is requested...

BTW, "diff -u" is a much better output to use to provide
patches/improvemens with!

If you give me your full name I'll give you proper credit for this fix in
the changelog.

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=1842029&group_id=976
Received on 2007-12-03