aboutsummaryrefslogtreecommitdiff
path: root/lib/ssluse.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/ssluse.c')
-rw-r--r--lib/ssluse.c23
1 files changed, 22 insertions, 1 deletions
diff --git a/lib/ssluse.c b/lib/ssluse.c
index 21f27cdfb..ccd7bd925 100644
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -43,6 +43,12 @@
#include "memdebug.h"
#endif
+#if OPENSSL_VERSION_NUMBER >= 0x0090581fL
+#define HAVE_SSL_GET1_SESSION 1
+#else
+#undef HAVE_SSL_GET1_SESSION
+#endif
+
#if OPENSSL_VERSION_NUMBER >= 0x00904100L
#define HAVE_USERDATA_IN_PWD_CALLBACK 1
#else
@@ -558,11 +564,26 @@ static int Store_SSL_Session(struct connectdata *conn)
int oldest_age=data->state.session[0].age; /* zero if unused */
/* ask OpenSSL, say please */
+
+#ifdef HAVE_SSL_GET1_SESSION
ssl_sessionid = SSL_get1_session(conn->ssl.handle);
/* SSL_get1_session() will increment the reference
count and the session will stay in memory until explicitly freed with
- SSL_SESSION_free(3), regardless of its state. */
+ SSL_SESSION_free(3), regardless of its state.
+ This function was introduced in openssl 0.9.5a. */
+#else
+ ssl_sessionid = SSL_get_session(conn->ssl.handle);
+
+ /* if SSL_get1_session() is unavailable, use SSL_get_session().
+ This is an inferior option because the session can be flushed
+ at any time by openssl. It is included only so curl compiles
+ under versions of openssl < 0.9.5a.
+
+ WARNING: How curl behaves if it's session is flushed is
+ untested.
+ */
+#endif
/* Now we should add the session ID and the host name to the cache, (remove
the oldest if necessary) */