aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
diff options
context:
space:
mode:
authorKamil Dudka <kdudka@redhat.com>2014-10-20 18:18:57 +0200
committerKamil Dudka <kdudka@redhat.com>2014-10-20 18:55:51 +0200
commit0aecdf682895b42c25b232e91529f48bdf7738b3 (patch)
treee541e39a24bbecb0b93334dd1d7c8d57425a37af /lib/vtls
parent8ed66f98a954cfce92f770adeb2320deb1ea700e (diff)
nss: reset SSL handshake state machine
... when the handshake succeeds This fixes a connection failure when FTPS handle is reused.
Diffstat (limited to 'lib/vtls')
-rw-r--r--lib/vtls/nss.c17
1 files changed, 9 insertions, 8 deletions
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index c84938fa4..ebf7fb2fa 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -1482,9 +1482,6 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
#endif
- if(connssl->state == ssl_connection_complete)
- return CURLE_OK;
-
connssl->data = data;
/* list of all NSS objects we need to destroy in Curl_nss_close() */
@@ -1749,10 +1746,6 @@ static CURLcode nss_do_connect(struct connectdata *conn, int sockindex)
goto error;
}
- connssl->state = ssl_connection_complete;
- conn->recv[sockindex] = nss_recv;
- conn->send[sockindex] = nss_send;
-
display_conn_info(conn, connssl->handle);
if(data->set.str[STRING_SSL_ISSUERCERT]) {
@@ -1788,6 +1781,9 @@ static CURLcode nss_connect_common(struct connectdata *conn, int sockindex,
const bool blocking = (done == NULL);
CURLcode rv;
+ if(connssl->state == ssl_connection_complete)
+ return CURLE_OK;
+
if(connssl->connecting_state == ssl_connect_1) {
rv = nss_setup_connect(conn, sockindex);
if(rv)
@@ -1827,7 +1823,12 @@ static CURLcode nss_connect_common(struct connectdata *conn, int sockindex,
/* signal completed SSL handshake */
*done = TRUE;
- connssl->connecting_state = ssl_connect_done;
+ connssl->state = ssl_connection_complete;
+ conn->recv[sockindex] = nss_recv;
+ conn->send[sockindex] = nss_send;
+
+ /* ssl_connect_done is never used outside, go back to the initial state */
+ connssl->connecting_state = ssl_connect_1;
return CURLE_OK;
}