1 files changed, 14 insertions, 14 deletions

diff --git a/Utilities/cmcurl/lib/vtls/bearssl.c b/Utilities/cmcurl/lib/vtls/bearssl.c
index 29b08c0e6d..7f729713d8 100644
--- a/Utilities/cmcurl/lib/vtls/bearssl.c
+++ b/Utilities/cmcurl/lib/vtls/bearssl.c
@@ -300,12 +300,7 @@ static CURLcode bearssl_connect_step1(struct Curl_easy *data,
   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
   struct ssl_backend_data *backend = connssl->backend;
   const char * const ssl_cafile = SSL_CONN_CONFIG(CAfile);
-#ifndef CURL_DISABLE_PROXY
-  const char *hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
-    conn->host.name;
-#else
-  const char *hostname = conn->host.name;
-#endif
+  const char * const hostname = SSL_HOST_NAME();
   const bool verifypeer = SSL_CONN_CONFIG(verifypeer);
   const bool verifyhost = SSL_CONN_CONFIG(verifyhost);
   CURLcode ret;
@@ -375,7 +370,8 @@ static CURLcode bearssl_connect_step1(struct Curl_easy *data,
     void *session;
 
     Curl_ssl_sessionid_lock(data);
-    if(!Curl_ssl_getsessionid(data, conn, &session, NULL, sockindex)) {
+    if(!Curl_ssl_getsessionid(data, conn, SSL_IS_PROXY() ? TRUE : FALSE,
+                              &session, NULL, sockindex)) {
       br_ssl_engine_set_session_parameters(&backend->ctx.eng, session);
       infof(data, "BearSSL: re-using session ID\n");
     }
@@ -389,14 +385,14 @@ static CURLcode bearssl_connect_step1(struct Curl_easy *data,
      * protocols array in `struct ssl_backend_data`.
      */
 
-#ifdef USE_NGHTTP2
-    if(data->set.httpversion >= CURL_HTTP_VERSION_2
+#ifdef USE_HTTP2
+    if(data->state.httpwant >= CURL_HTTP_VERSION_2
 #ifndef CURL_DISABLE_PROXY
       && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)
 #endif
       ) {
-      backend->protocols[cur++] = NGHTTP2_PROTO_VERSION_ID;
-      infof(data, "ALPN, offering %s\n", NGHTTP2_PROTO_VERSION_ID);
+      backend->protocols[cur++] = ALPN_H2;
+      infof(data, "ALPN, offering %s\n", ALPN_H2);
     }
 #endif
 
@@ -544,8 +540,8 @@ static CURLcode bearssl_connect_step3(struct Curl_easy *data,
     if(protocol) {
       infof(data, "ALPN, server accepted to use %s\n", protocol);
 
-#ifdef USE_NGHTTP2
-      if(!strcmp(protocol, NGHTTP2_PROTO_VERSION_ID))
+#ifdef USE_HTTP2
+      if(!strcmp(protocol, ALPN_H2))
         conn->negnpn = CURL_HTTP_VERSION_2;
       else
 #endif
@@ -571,10 +567,13 @@ static CURLcode bearssl_connect_step3(struct Curl_easy *data,
     br_ssl_engine_get_session_parameters(&backend->ctx.eng, session);
     Curl_ssl_sessionid_lock(data);
     incache = !(Curl_ssl_getsessionid(data, conn,
+                                      SSL_IS_PROXY() ? TRUE : FALSE,
                                       &oldsession, NULL, sockindex));
     if(incache)
       Curl_ssl_delsessionid(data, oldsession);
-    ret = Curl_ssl_addsessionid(data, conn, session, 0, sockindex);
+    ret = Curl_ssl_addsessionid(data, conn,
+                                SSL_IS_PROXY() ? TRUE : FALSE,
+                                session, 0, sockindex);
     Curl_ssl_sessionid_unlock(data);
     if(ret) {
       free(session);
@@ -855,6 +854,7 @@ const struct Curl_ssl Curl_ssl_bearssl = {
   Curl_none_cert_status_request,
   bearssl_connect,
   bearssl_connect_nonblocking,
+  Curl_ssl_getsock,
   bearssl_get_internals,
   bearssl_close,
   Curl_none_close_all,