diff options
author | Michael Kaufmann <mail@michael-kaufmann.ch> | 2017-09-24 14:08:29 +0200 |
---|---|---|
committer | Michael Kaufmann <mail@michael-kaufmann.ch> | 2017-10-03 18:08:50 +0200 |
commit | 9d3dde37a8ef5eb0fa03f411eb4296ffdbe6cf3d (patch) | |
tree | 5b402327689ea5931258e2c997d7353f2bfc0272 /lib/vtls/mbedtls.h | |
parent | c4ebd8b46de09d45e251bed7e9bfc2a0ddf21d98 (diff) |
vtls: compare and clone ssl configs properly
Compare these settings in Curl_ssl_config_matches():
- verifystatus (CURLOPT_SSL_VERIFYSTATUS)
- random_file (CURLOPT_RANDOM_FILE)
- egdsocket (CURLOPT_EGDSOCKET)
Also copy the setting "verifystatus" in Curl_clone_primary_ssl_config(),
and copy the setting "sessionid" unconditionally.
This means that reusing connections that are secured with a client
certificate is now possible, and the statement "TLS session resumption
is disabled when a client certificate is used" in the old advisory at
https://curl.haxx.se/docs/adv_20170419.html is obsolete.
Reviewed-by: Daniel Stenberg
Closes #1917
Diffstat (limited to 'lib/vtls/mbedtls.h')
0 files changed, 0 insertions, 0 deletions