TLS: Fix switching off SSL session id when client cert is used

Move the sessionid flag to ssl_primary_config so that ssl and proxy_ssl will each have their own sessionid flag. Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that this issue had been fixed in 247d890, CVE-2016-5419. Bug: https://github.com/curl/curl/issues/1341 Reported-by: lijian996@users.noreply.github.com The new incarnation of this bug is called CVE-2017-7468 and is documented here: https://curl.haxx.se/docs/adv_20170419.html
author: Jay Satiro <raysatiro@yahoo.com> 2017-03-22 01:59:49 -0400
committer: Daniel Stenberg <daniel@haxx.se> 2017-04-18 07:56:34 +0200
commit: 33cfcfd9f0378625d3bddbd2c8ac5aad4b646f26 (patch)
tree: e5c65c7cafb11e9e0405bd14d923a035dc063eb6 /lib/urldata.h
parent: 997504ea50887c80a0f90b88bb1778aad75f7ee9 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/urldata.h b/lib/urldata.h
index bd7d25d2f..3c94553a1 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -360,6 +360,7 @@ struct ssl_primary_config {
   char *random_file;     /* path to file containing "random" data */
   char *egdsocket;       /* path to file containing the EGD daemon socket */
   char *cipher_list;     /* list of ciphers to use */
+  bool sessionid;        /* cache session IDs or not */
 };
 
 struct ssl_config_data {
@@ -389,7 +390,6 @@ struct ssl_config_data {
 };
 
 struct ssl_general_config {
-  bool sessionid; /* cache session IDs or not */
   size_t max_ssl_sessions; /* SSL session id cache size */
 };
author	Jay Satiro <raysatiro@yahoo.com>	2017-03-22 01:59:49 -0400
committer	Daniel Stenberg <daniel@haxx.se>	2017-04-18 07:56:34 +0200
commit	33cfcfd9f0378625d3bddbd2c8ac5aad4b646f26 (patch)
tree	e5c65c7cafb11e9e0405bd14d923a035dc063eb6 /lib/urldata.h
parent	997504ea50887c80a0f90b88bb1778aad75f7ee9 (diff)