diff options
author | Daniel Stenberg <daniel@haxx.se> | 2009-10-18 00:10:13 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2009-10-18 00:10:13 +0000 |
commit | 167a92810a77b3abd973ea987a1306cfa155d65c (patch) | |
tree | 16b52689d01583e738ddc37cb55c7bce83d813d5 | |
parent | b8b8c3d5383d2a56065e6880fb267ed6df737b00 (diff) |
- Kevin Baughman found a double close() problem with libcurl-NSS, as when
libcurl called NSS to close the SSL "session" it also closed the actual
socket.
-rw-r--r-- | CHANGES | 5 | ||||
-rw-r--r-- | RELEASE-NOTES | 2 | ||||
-rw-r--r-- | lib/nss.c | 8 |
3 files changed, 13 insertions, 2 deletions
@@ -6,6 +6,11 @@ Changelog +Daniel Stenberg (18 Oct 2009) +- Kevin Baughman found a double close() problem with libcurl-NSS, as when + libcurl called NSS to close the SSL "session" it also closed the actual + socket. + Yang Tse (17 Oct 2009) - Bug report #2866724 indicated (http://curl.haxx.se/bug/view.cgi?id=2866724) that curl on Windows failed diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 6d6530632..8556b54b8 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -36,6 +36,7 @@ This release includes the following bugfixes: o don't shrink SO_SNDBUF on windows for those who have it set large already o connect next bug o invalid file name characters handling on Windows + o double close() on the primary socket with libcurl-NSS This release includes the following known bugs: @@ -48,5 +49,6 @@ advice from friends like these: Michal Marek, Eric Wong, Guenter Knauf, Peter Sylvester, Daniel Johnson, Claes Jakobsson, Sven Anders, Chris Mumford, John P. McCaskey, Constantine Sapuntzakis, Michael Stillwell, Tom Mueller, Dan Fandrich, + Kevin Baughman Thanks! (and sorry if I forgot to mention someone) @@ -927,11 +927,15 @@ void Curl_nss_close(struct connectdata *conn, int sockindex) if(connssl->handle) { PR_Close(connssl->handle); + + /* NSS closes the socket we previously handed to it, so we must mark it + as closed to avoid double close */ + conn->sock[sockindex] = CURL_SOCKET_BAD; if(connssl->client_nickname != NULL) { free(connssl->client_nickname); connssl->client_nickname = NULL; } -#ifdef HAVE_PK11_CREATEGENERICOBJECT +#ifdef HAVE_PK11_CREATEGENERICOBJECT if(connssl->key) (void)PK11_DestroyGenericObject(connssl->key); if(connssl->cacert[1]) @@ -973,7 +977,7 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex) connssl->data = data; -#ifdef HAVE_PK11_CREATEGENERICOBJECT +#ifdef HAVE_PK11_CREATEGENERICOBJECT connssl->cacert[0] = NULL; connssl->cacert[1] = NULL; connssl->key = NULL; |