From 29dc39fce1126265d8526be15beec3e3fdc1c11d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 11 Sep 2006 17:18:18 +0000
Subject: - Fixed my breakage from earlier today so that doing
 curl_easy_cleanup() on a   handle that is part of a multi handle first
 removes the handle from the   stack.

- Added CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid to disable SSL
  session-ID re-use on demand since there obviously are broken servers out
  there that misbehave with session-IDs used.
---
 lib/sslgen.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'lib/sslgen.c')

diff --git a/lib/sslgen.c b/lib/sslgen.c
index 641131571..fec358c51 100644
--- a/lib/sslgen.c
+++ b/lib/sslgen.c
@@ -246,6 +246,10 @@ int Curl_ssl_getsessionid(struct connectdata *conn,
   struct SessionHandle *data = conn->data;
   long i;
 
+  if(!conn->ssl_config.sessionid)
+    /* session ID re-use is disabled */
+    return TRUE;
+
   for(i=0; i< data->set.ssl.numsessions; i++) {
     check = &data->state.session[i];
     if(!check->sessionid)
@@ -311,6 +315,10 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn,
   long oldest_age=data->state.session[0].age; /* zero if unused */
   char *clone_host;
 
+  /* Even though session ID re-use might be disabled, that only disables USING
+     IT. We still store it here in case the re-using is again enabled for an
+     upcoming transfer */
+
   clone_host = strdup(conn->host.name);
   if(!clone_host)
     return CURLE_OUT_OF_MEMORY; /* bail out */
-- 
cgit v1.2.3