url: only reuse TLS connections with matching pinning

If the requests have different CURLOPT_PINNEDPUBLICKEY strings set, the connection should not be reused. Bug: https://curl.haxx.se/mail/lib-2019-09/0061.html Reported-by: Sebastian Haglund Closes #4347
author: Daniel Stenberg <daniel@haxx.se> 2019-09-13 16:38:58 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2019-09-19 14:58:24 +0200
commit: 3c5f9ba899ace6a0a406e421c4c1f6e626a95d05 (patch)
tree: 3f638d88dec62621d804a2e516eef55492b529ea /lib/urldata.h
parent: fafad1496b036577d68bfc8db688fbcd7930819a (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/urldata.h b/lib/urldata.h
index acc1fd1b9..cb527918c 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -222,6 +222,7 @@ struct ssl_primary_config {
   char *egdsocket;       /* path to file containing the EGD daemon socket */
   char *cipher_list;     /* list of ciphers to use */
   char *cipher_list13;   /* list of TLS 1.3 cipher suites to use */
+  char *pinned_key;
   bit verifypeer:1;      /* set TRUE if this is desired */
   bit verifyhost:1;      /* set TRUE if CN/SAN must match hostname */
   bit verifystatus:1;    /* set TRUE if certificate status must be checked */
author	Daniel Stenberg <daniel@haxx.se>	2019-09-13 16:38:58 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2019-09-19 14:58:24 +0200
commit	3c5f9ba899ace6a0a406e421c4c1f6e626a95d05 (patch)
tree	3f638d88dec62621d804a2e516eef55492b529ea /lib/urldata.h
parent	fafad1496b036577d68bfc8db688fbcd7930819a (diff)