From b40b98952319422dccaa28346d0e9077236030f7 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 5 May 2009 08:33:29 +0000
Subject: I simplified the SSL session id re-use code now to *always* ditch the
 previous one and store the current one, as it makes the code less complex and
 I'm not even sure I can check for the same session id using memcmp() like
 that.

---
 lib/gtls.c | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)

(limited to 'lib')

diff --git a/lib/gtls.c b/lib/gtls.c
index f07854245..002246a0c 100644
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -604,18 +604,10 @@ Curl_gtls_connect(struct connectdata *conn,
       /* extract session ID to the allocated buffer */
       gnutls_session_get_data(session, connect_sessionid, &connect_idsize);
 
-      if(ssl_sessionid &&
-         ((connect_idsize != ssl_idsize) ||
-          memcmp(connect_sessionid, ssl_sessionid, ssl_idsize)))
-        /* there was one before in the cache, but without the same size or
-           with different contents so delete the old one */
+      if(ssl_sessionid)
+        /* there was one before in the cache, so instead of risking that the
+           previous one was rejected, we just kill that and store the new */
         Curl_ssl_delsessionid(conn, ssl_sessionid);
-      else if(ssl_sessionid) {
-        /* it was in the cache and its the same one now, just leave it */
-        free(connect_sessionid);
-        return CURLE_OK;
-      }
-
 
       /* store this session id */
       return Curl_ssl_addsessionid(conn, connect_sessionid, connect_idsize);
-- 
cgit v1.2.3