From e9834808e9e8ccb3028ecbe2b76475c111cc899a Mon Sep 17 00:00:00 2001
From: Marc Hoersken <info@marc-hoersken.de>
Date: Sat, 10 Jan 2015 17:46:02 +0100
Subject: curl_schannel.c: mark session as removed from cache if not freed

If the session is still used by active SSL/TLS connections, it
cannot be closed yet. Thus we mark the session as not being cached
any longer so that the reference counting mechanism in
Curl_schannel_shutdown is used to close and free the session.

Reported-by: Jean-Francois Durand
---
 lib/vtls/curl_schannel.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'lib/vtls')

diff --git a/lib/vtls/curl_schannel.c b/lib/vtls/curl_schannel.c
index b3fe52695..787929c1d 100644
--- a/lib/vtls/curl_schannel.c
+++ b/lib/vtls/curl_schannel.c
@@ -1218,9 +1218,14 @@ void Curl_schannel_session_free(void *ptr)
 {
   struct curl_schannel_cred *cred = ptr;
 
-  if(cred && cred->cached && cred->refcount == 0) {
-    s_pSecFn->FreeCredentialsHandle(&cred->cred_handle);
-    Curl_safefree(cred);
+  if(cred && cred->cached) {
+    if(cred->refcount == 0) {
+      s_pSecFn->FreeCredentialsHandle(&cred->cred_handle);
+      Curl_safefree(cred);
+    }
+    else {
+      cred->cached = FALSE;
+    }
   }
 }
 
-- 
cgit v1.2.3