gtls: skip session resumption when verifystatus is set

Resumed TLS sessions skip OCSP stapled-response verification. Force a
full handshake so verifystatus() runs.

Follow-up to 4bfd7a961521e1fd6aab7610e931d82a342781

Pointed out by ZeroPath

diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index f3d6abb23cacacb052873b882fabce9f15a13a5a..ebd2c8de1eb0c95c0ddf609ebd1869c9bcfdc410 100644 (file)
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -1121,7 +1121,7 @@ CURLcode Curl_gtls_ctx_init(struct gtls_ctx *gctx,
   /* This might be a reconnect, so we check for a session ID in the cache
      to speed up things. We need to do this before constructing the gnutls
      session since we need to set flags depending on the kind of reuse. */
-  if(conn_config->cache_session) {
+  if(conn_config->cache_session && !conn_config->verifystatus) {
     result = Curl_ssl_scache_take(cf, data, peer->scache_key, &scs);
     if(result)
       goto out;