[CVE-2017-7468] TLS: Fix switching off SSL session id when client cert is used

[platform/upstream/curl.git] / lib / vtls / darwinssl.c

diff --git a/lib/vtls/darwinssl.c b/lib/vtls/darwinssl.c
index 050bf96..babe5f4 100644 (file)
--- a/lib/vtls/darwinssl.c
+++ b/lib/vtls/darwinssl.c
@@ -1546,7 +1546,7 @@ static CURLcode darwinssl_connect_step1(struct connectdata *conn,
 #endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */
 
   /* Check if there's a cached ID we can/should use here! */
-  if(data->set.general_ssl.sessionid) {
+  if(SSL_SET_OPTION(primary.sessionid)) {
     char *ssl_sessionid;
     size_t ssl_sessionid_len;