1 files changed, 12 insertions, 6 deletions

diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 0a86e9bd29..2c452837f8 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -941,17 +941,23 @@ handle_info({Protocol, _, Data}, StateName,
 
 handle_info({CloseTag, Socket}, _StateName,
             #state{socket = Socket, close_tag = CloseTag,
-		   negotiated_version = Version, host = Host,
-		   port = Port, socket_options = Opts, 
+		   negotiated_version = Version,
+		   socket_options = Opts,
 		   user_application = {_Mon,Pid}, from = From, 
-		   role = Role, session = Session} = State) ->
-    %% Debug option maybe, the user do NOT want to see these in their logs
-    %% error_logger:info_report("SSL: Peer did not send close notify alert."),
+		   role = Role} = State) ->
+    %% Note that as of TLS 1.1,
+    %% failure to properly close a connection no longer requires that a
+    %% session not be resumed.  This is a change from TLS 1.0 to conform
+    %% with widespread implementation practice.
     case Version of
 	{1, N} when N >= 1 ->
 	    ok;
 	_ ->
-	    invalidate_session(Role, Host, Port, Session)
+	    %% As invalidate_sessions here causes performance issues,
+	    %% we will conform to the widespread implementation
+	    %% practice and go aginst the spec
+	    %%invalidate_session(Role, Host, Port, Session)
+	    ok
     end,
     alert_user(Opts#socket_options.active, Pid, From,
 	       ?ALERT_REC(?WARNING, ?CLOSE_NOTIFY), Role),