Don't duplicate TLS session info attributes

They may already exist if the session is being resumed.

diff --git a/src/lib/tls/session.c b/src/lib/tls/session.c
index 78c1382d75f478844c1a78c5ff45f8e0c99954ce..1dc2b98def7fac37cccec677fd3dc81cae19f747 100644 (file)
--- a/src/lib/tls/session.c
+++ b/src/lib/tls/session.c
@@ -1180,12 +1180,9 @@ static unlang_action_t tls_session_async_handshake_done_round(UNUSED rlm_rcode_t
 
                RDEBUG2("Adding TLS session information to request");
                RINDENT();
-               vp = fr_pair_afrom_da(request->session_state_ctx, attr_tls_session_cipher_suite);
-               if (vp) {
-                       fr_pair_value_strdup(vp,  SSL_CIPHER_get_name(cipher), false);
-                       fr_pair_append(&request->session_state_pairs, vp);
-                       RDEBUG2("&session-state.%pP", vp);
-               }
+               MEM(pair_update_session_state(&vp, attr_tls_session_cipher_suite) >= 0);
+               fr_pair_value_strdup(vp,  SSL_CIPHER_get_name(cipher), false);
+               RDEBUG2("&session-state.%pP", vp);
 
                if (((size_t)tls_session->info.version >= NUM_ELEMENTS(tls_version_str)) ||
                    !tls_version_str[tls_session->info.version]) {
@@ -1194,12 +1191,9 @@ static unlang_action_t tls_session_async_handshake_done_round(UNUSED rlm_rcode_t
                        version = tls_version_str[tls_session->info.version];
                }
 
-               vp = fr_pair_afrom_da(request->session_state_ctx, attr_tls_session_version);
-               if (vp) {
-                       fr_pair_value_strdup(vp, version, false);
-                       fr_pair_append(&request->session_state_pairs, vp);
-                       RDEBUG2("&session-state.%pP", vp);
-               }
+               MEM(pair_update_session_state(&vp, attr_tls_session_version) >= 0);
+               fr_pair_value_strdup(vp, version, false);
+               RDEBUG2("&session-state.%pP", vp);
                REXDENT();
 
                /*