TLS: Fix switching off SSL session id when client cert is used

Move the sessionid flag to ssl_primary_config so that ssl and proxy_ssl
will each have their own sessionid flag.

Regression since HTTPS-Proxy support was added in cb4e2be. Prior to that
this issue had been fixed in 247d890, CVE-2016-5419.

Bug: https://github.com/curl/curl/issues/1341
Reported-by: lijian996@users.noreply.github.com

The new incarnation of this bug is called CVE-2017-7468 and is documented
here: https://curl.haxx.se/docs/adv_20170419.html

1 files changed, 2 insertions, 2 deletions

diff --git a/lib/vtls/axtls.c b/lib/vtls/axtls.c
index af01fe314..f0e376640 100644
--- a/lib/vtls/axtls.c
+++ b/lib/vtls/axtls.c
@@ -262,7 +262,7 @@ static CURLcode connect_prep(struct connectdata *conn, int sockindex)
    * 2) setting up callbacks.  these seem gnutls specific
    */
 
-  if(data->set.general_ssl.sessionid) {
+  if(SSL_SET_OPTION(primary.sessionid)) {
     const uint8_t *ssl_sessionid;
     size_t ssl_idsize;
 
@@ -392,7 +392,7 @@ static CURLcode connect_finish(struct connectdata *conn, int sockindex)
   conn->send[sockindex] = axtls_send;
 
   /* Put our freshly minted SSL session in cache */
-  if(data->set.general_ssl.sessionid) {
+  if(SSL_SET_OPTION(primary.sessionid)) {
     const uint8_t *ssl_sessionid = ssl_get_session_id(ssl);
     size_t ssl_idsize = ssl_get_session_id_size(ssl);
     Curl_ssl_sessionid_lock(conn);