aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2008-08-04 22:07:50 +0000
committerDaniel Stenberg <daniel@haxx.se>2008-08-04 22:07:50 +0000
commited50e3f1b4bfafa9f0cb16626f6edd93e06cd14c (patch)
tree8bf61e06eb9c38f8802cce8361957f0cb40654a4
parent3a499099af52ddc69a3647767521c99c9e9c42e4 (diff)
- Yehoshua Hershberg found a problem that would make libcurl re-use a
connection with the multi interface even if a previous use of it caused a CURLE_PEER_FAILED_VERIFICATION to get returned. I now make sure that failed SSL connections properly close the connections.
-rw-r--r--CHANGES6
-rw-r--r--RELEASE-NOTES3
-rw-r--r--TODO-RELEASE4
-rw-r--r--lib/http.c5
4 files changed, 12 insertions, 6 deletions
diff --git a/CHANGES b/CHANGES
index f9a3c9fba..dce9c68c5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,12 @@
Changelog
+Daniel Stenberg (5 Aug 2008)
+- Yehoshua Hershberg found a problem that would make libcurl re-use a
+ connection with the multi interface even if a previous use of it caused a
+ CURLE_PEER_FAILED_VERIFICATION to get returned. I now make sure that failed
+ SSL connections properly close the connections.
+
Daniel Stenberg (4 Aug 2008)
- Test cases 1051, 1052 and 1055 were added by Daniel Fandrich on July 30 and
proved how PUT and POST with a redirect could lead to a "hang" due to the
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 10e566063..f885fc89c 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -47,6 +47,7 @@ This release includes the following bugfixes:
o no longer link with gdi32 on Windows cross-compiled targets
o HTTP PUT with -C - sent bad Content-Range: header
o HTTP PUT or POST with redirect could lead to hang
+ o re-use of connections with failed SSL connects in the multi interface
This release includes the following known bugs:
@@ -67,7 +68,7 @@ advice from friends like these:
Rob Crittenden, Dengminwen, Christopher Palow, Hans-Jurgen May,
Phil Pellouchoud, Eduard Bloch, John Lightsey, Stephen Collyer, Tor Arntsen,
Rolland Dudemaine, Phil Blundell, Scott Barrett, Andreas Schuldei,
- Peter Lamberg, David Bau, Pramod Sharma
+ Peter Lamberg, David Bau, Pramod Sharma, Yehoshua Hershberg
Thanks! (and sorry if I forgot to mention someone)
diff --git a/TODO-RELEASE b/TODO-RELEASE
index c2b2da5d5..ea1f18298 100644
--- a/TODO-RELEASE
+++ b/TODO-RELEASE
@@ -14,10 +14,6 @@ To be addressed before 7.19.0 (planned release: August 2008)
* Third version of the patch fixing a failure to chose a proper data
type submitted to the mailing list 2008-08-04.
-
-146 - Yehoshua Hershberg's re-using of connections that failed with
- CURLE_PEER_FAILED_VERIFICATION
-
148 - Introduction of m4/reentrant.m4 is triggering some problems on Solaris
systems. The problem manifests when buildconf runs aclocal, at some point
aclocal fails when using GNU m4 version 1.4.5 it runs out of memory. If
diff --git a/lib/http.c b/lib/http.c
index 173de8edc..a2a5cd1f5 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -1815,8 +1815,11 @@ static CURLcode https_connecting(struct connectdata *conn, bool *done)
/* perform SSL initialization for this socket */
result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, done);
- if(result)
+ if(result) {
+ conn->bits.close = TRUE; /* a failed connection is marked for closure
+ to prevent (bad) re-use or similar */
return result;
+ }
return CURLE_OK;
}