NSS: acknowledge the --no-sessionid/CURLOPT_SSL_SESSIONID_CACHE option

author Paul Donohue <curl@paulsd.com>

Tue, 15 Oct 2013 19:36:32 +0000 (21:36 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Tue, 15 Oct 2013 19:50:22 +0000 (21:50 +0200)
author Paul Donohue <curl@paulsd.com>
Tue, 15 Oct 2013 19:36:32 +0000 (21:36 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Tue, 15 Oct 2013 19:50:22 +0000 (21:50 +0200)
diff --git a/lib/nss.c b/lib/nss.c

index 34dfbb1a7a297c24b18f0cfc6d8a54f25c126afc..43576e6d5e00cb8de5ab6dd47a3c06f560335dbb 100644 (file)
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -1244,8 +1244,9 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
    if(SSL_OptionSet(model, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE) != SECSuccess)
      goto error;
  
-  /* do not use SSL cache if we are not going to verify peer */
-  ssl_no_cache = (data->set.ssl.verifypeer) ? PR_FALSE : PR_TRUE;
+  /* do not use SSL cache if disabled or we are not going to verify peer */
+  ssl_no_cache = (conn->ssl_config.sessionid && data->set.ssl.verifypeer) ?
+    PR_FALSE : PR_TRUE;
    if(SSL_OptionSet(model, SSL_NO_CACHE, ssl_no_cache) != SECSuccess)
      goto error;
author	Paul Donohue <curl@paulsd.com>
	Tue, 15 Oct 2013 19:36:32 +0000 (21:36 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Tue, 15 Oct 2013 19:50:22 +0000 (21:50 +0200)