diff options
-rw-r--r-- | lib/ssluse.c | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/lib/ssluse.c b/lib/ssluse.c index 21f27cdfb..ccd7bd925 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -43,6 +43,12 @@ #include "memdebug.h" #endif +#if OPENSSL_VERSION_NUMBER >= 0x0090581fL +#define HAVE_SSL_GET1_SESSION 1 +#else +#undef HAVE_SSL_GET1_SESSION +#endif + #if OPENSSL_VERSION_NUMBER >= 0x00904100L #define HAVE_USERDATA_IN_PWD_CALLBACK 1 #else @@ -558,11 +564,26 @@ static int Store_SSL_Session(struct connectdata *conn) int oldest_age=data->state.session[0].age; /* zero if unused */ /* ask OpenSSL, say please */ + +#ifdef HAVE_SSL_GET1_SESSION ssl_sessionid = SSL_get1_session(conn->ssl.handle); /* SSL_get1_session() will increment the reference count and the session will stay in memory until explicitly freed with - SSL_SESSION_free(3), regardless of its state. */ + SSL_SESSION_free(3), regardless of its state. + This function was introduced in openssl 0.9.5a. */ +#else + ssl_sessionid = SSL_get_session(conn->ssl.handle); + + /* if SSL_get1_session() is unavailable, use SSL_get_session(). + This is an inferior option because the session can be flushed + at any time by openssl. It is included only so curl compiles + under versions of openssl < 0.9.5a. + + WARNING: How curl behaves if it's session is flushed is + untested. + */ +#endif /* Now we should add the session ID and the host name to the cache, (remove the oldest if necessary) */ |