- Michael Smith posted bug report #2786255

(http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how libcurl did not deal with SSL session ids properly if the server rejected a re-use of one. Starting now, it will forget the rejected one and remember the new. This change was for OpenSSL only, it is likely that other SSL lib code needs similar fixes.
author: Daniel Stenberg <daniel@haxx.se> 2009-05-04 21:57:14 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2009-05-04 21:57:14 +0000
commit: a16cca768051ae7c2020426fef00bb0ec537477a (patch)
tree: 3ebc663ce5ded5627c12e954663795ab3a29a9f5 /RELEASE-NOTES
parent: 644482fc990a55f0cce2837bd29d2c5dad7f7b35 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 11e3a6648..af2197c8e 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -39,6 +39,7 @@ This release includes the following bugfixes:
  o TFTP problems after a failed transfer to the same host
  o improved out of the box TPF compatibility
  o HTTP PUT protocol line endings portions mangled from CRLF to CRCRLF
+ o Rejected SSL session ids are killed properly (for OpenSSL builds)
 
 This release includes the following known bugs:
 
@@ -51,6 +52,6 @@ advice from friends like these:
  Andre Guibert de Bruet, Andreas Farber, Frank Hempel, Pierre Brico,
  Kamil Dudka, Jim Freeman, Daniel Johnson, Toshio Kuratomi, Martin Storsjo,
  Pramod Sharma, Gisle Vanem, Leanic Lefever, Rainer Koenig, Sven Wegener,
- Tim Chen, Constantine Sapuntzakis, David McCreedy
+ Tim Chen, Constantine Sapuntzakis, David McCreedy, Michael Smith
 
         Thanks! (and sorry if I forgot to mention someone)
author	Daniel Stenberg <daniel@haxx.se>	2009-05-04 21:57:14 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2009-05-04 21:57:14 +0000
commit	a16cca768051ae7c2020426fef00bb0ec537477a (patch)
tree	3ebc663ce5ded5627c12e954663795ab3a29a9f5 /RELEASE-NOTES
parent	644482fc990a55f0cce2837bd29d2c5dad7f7b35 (diff)