author | Daniel Stenberg <daniel@haxx.se> | 2016-10-10 16:47:54 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2016-10-13 11:24:16 +0200 |
commit | 1671d84b38ac61f0852e8ff2915fef3346dc53f7 (patch) | |
tree | 70ad71bf8152bf7e10b4441368947d37e11d1c54 /lib/vtls/vtls.c | |
parent | 3b36bd8e1a242b6cd037bb8109e1fc56478951a6 (diff) | |
download | curl-1671d84b38ac61f0852e8ff2915fef3346dc53f7.tar.gz |
vtls: only re-use session-ids using the same scheme
To make it harder to do cross-protocol mistakes
Diffstat (limited to 'lib/vtls/vtls.c')
-rw-r--r-- | lib/vtls/vtls.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index fe69306de..66b49540c 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -398,6 +398,7 @@ bool Curl_ssl_getsessionid(struct connectdata *conn,
 (conn->bits.conn_to_port && check->conn_to_port != -1 &&
 conn->conn_to_port == check->conn_to_port)) &&
 (conn->remote_port == check->remote_port) &&
+ Curl_raw_equal(conn->handler->scheme, check->scheme) &&
 Curl_ssl_config_matches(&conn->ssl_config, &check->ssl_config)) {
 /* yes, we have a session ID! */
 (*general_age)++; /* increase general age */
@@ -528,6 +529,7 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn,
 store->conn_to_host = clone_conn_to_host; /* clone connect to host name */
 store->conn_to_port = conn_to_port; /* connect to port number */
 store->remote_port = conn->remote_port; /* port number */
+ store->scheme = conn->handler->scheme;
 if(!Curl_clone_ssl_config(&conn->ssl_config, &store->ssl_config)) {
 store->sessionid = NULL; /* let caller free sessionid */ |
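Review bot: The new `Curl_raw_equal(conn->handler->scheme, check->scheme)` term in the match condition of Curl_ssl_getsessionid carries no comment saying why the scheme is part of the session-cache key, so the reason lives only in the commit message. I would add a comment at the condition such as `/* the scheme must match too, so a session ID saved for one protocol is never offered to another on the same host and port */`. The comparison also assumes every populated cache entry has a non-NULL `scheme`; the only assignment visible on this page is the one in Curl_ssl_addsessionid, so any other path that fills an entry would need to set it as well. The condition and the function body both start and end outside the hunk.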
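Review bot: In Curl_ssl_addsessionid, `store->scheme = conn->handler->scheme;` keeps the handler's string pointer rather than a copy, unlike `name` and `conn_to_host` just above it, which are clones, and it is the only assignment in this run without a trailing comment. That is safe only while the handler's scheme string outlives the cache entry (presumably a static protocol table, to be confirmed) and while the entry's cleanup path never frees it. I would record that on the line itself: `store->scheme = conn->handler->scheme; /* borrowed from the handler, never freed with the entry */`. The function body starts and ends outside the hunk.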