Rob Crittenden fixed bug #1705802

(http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
Black identifying several FTP-SSL test cases fail when we build libcurl with
NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS.

4 files changed, 16 insertions, 5 deletions

diff --git a/CHANGES b/CHANGES
index a4db52af0..dc717ec3e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,12 @@
                              \___|\___/|_| \_\_____|
 
                                   Changelog
+Daniel S (25 May 2007)
+- Rob Crittenden fixed bug #1705802
+  (http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
+  Black identifying several FTP-SSL test cases fail when we build libcurl with
+  NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS.
+
 Daniel S (24 May 2007)
 - Song Ma filed bug report #1724016
   (http://curl.haxx.se/bug/view.cgi?id=1724016) noticing that downloading
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 4aba1bc69..fcd2ba95d 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -47,6 +47,7 @@ This release includes the following bugfixes:
  o improved curl -w for TFTP transfers
  o memory leak when failed OpenSSL certificate CN field checking
  o memory leak when OpenSSL failed PKCS #12 parsing
+ o FPL-SSL when built with NSS
 
 This release includes the following known bugs:
 
@@ -72,6 +73,6 @@ advice from friends like these:
  James Housley, Daniel Black, Steve Little, Sonia Subramanian, Peter O'Gorman,
  Frank Hempel, Michael Wallner, Jeff Pohlmeyer, Tobias Rundström,
  Anders Gustafsson, James Bursa, Kristian Gunstone, Feng Tu,
- Andre Guibert de Bruet
+ Andre Guibert de Bruet, Rob Crittenden
 
         Thanks! (and sorry if I forgot to mention someone)
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
index 7a2357a63..85885fcf9 100644
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -3,10 +3,6 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!
 
-42. Daniel Black filed bug report #1705802 where he accurately mentions that
-  several FTP-SSL test cases fail when we build libcurl with NSS for TLS/SSL:
-  http://curl.haxx.se/bug/view.cgi?id=1705802
-
 41. When doing an operation over FTP that requires the ACCT command (but not
   when logging in), the operation will fail since libcurl doesn't detect this
   and thus fails to issue the correct command:
diff --git a/lib/nss.c b/lib/nss.c
index 652d9f1f7..ec7815400 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -74,6 +74,8 @@ PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd);
 static int initialized = 0;
 static int noverify = 0;
 
+#define HANDSHAKE_TIMEOUT 30
+
 typedef struct {
   PRInt32 retryCount;
   struct SessionHandle *data;
@@ -513,6 +515,12 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex)
 
   SSL_SetURL(connssl->handle, conn->host.name);
 
+  /* Force the handshake now */
+  if (SSL_ForceHandshakeWithTimeout(connssl->handle,
+                                    PR_SecondsToInterval(HANDSHAKE_TIMEOUT))
+      != SECSuccess)
+    goto error;
+
   return CURLE_OK;
 
 error: