- Michael Smith posted bug report #2786255

(http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how libcurl did not deal with SSL session ids properly if the server rejected a re-use of one. Starting now, it will forget the rejected one and remember the new. This change was for OpenSSL only, it is likely that other SSL lib code needs similar fixes.
author: Daniel Stenberg <daniel@haxx.se> 2009-05-04 21:57:14 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2009-05-04 21:57:14 +0000
commit: a16cca768051ae7c2020426fef00bb0ec537477a (patch)
tree: 3ebc663ce5ded5627c12e954663795ab3a29a9f5 /CHANGES
parent: 644482fc990a55f0cce2837bd29d2c5dad7f7b35 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index bef9b1262..e1bea9fc8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,14 @@
 
                                   Changelog
 
+Daniel Stenberg (4 May 2009)
+- Michael Smith posted bug report #2786255
+  (http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how
+  libcurl did not deal with SSL session ids properly if the server rejected a
+  re-use of one. Starting now, it will forget the rejected one and remember
+  the new. This change was for OpenSSL only, it is likely that other SSL lib
+  code needs similar fixes.
+
 Yang Tse (4 May 2009)
 - Applied David McCreedy's "transfer.c fixes for CURL_DO_LINEEND_CONV and
   non-ASCII platform HTTP requests" patch addressing two HTTP PUT problems:
author	Daniel Stenberg <daniel@haxx.se>	2009-05-04 21:57:14 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2009-05-04 21:57:14 +0000
commit	a16cca768051ae7c2020426fef00bb0ec537477a (patch)
tree	3ebc663ce5ded5627c12e954663795ab3a29a9f5 /CHANGES
parent	644482fc990a55f0cce2837bd29d2c5dad7f7b35 (diff)