diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2008-11-11 22:19:27 +0000 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2008-11-11 22:19:27 +0000 |
| commit | 4cbc0f6c2e9557e7aad07abd62e6b836f78134e1 (patch) | |
| tree | 6774b3454069d4ef8f83b08c72ea0987c9cf3bf8 /lib | |
| parent | 1b9eff64fa05db155cb5646f25fb3749dcfe0d34 (diff) | |
- Rainer Canavan filed bug #2255627
(http://curl.haxx.se/bug/view.cgi?id=2255627) which pointed out that a
program using libcurl's multi interface to download a HTTPS page with a
libcurl built powered by OpenSSL, would easily get silly and instead hand
over SSL details as data instead of the actual HTTP headers and body. This
happened because libcurl would consider the connection handshake done too
early. This problem was introduced at September 22nd 2008 with my fix of the
bug #2107377
The correct fix is now instead done within the GnuTLS-handling code, as both
the OpenSSL and the NSS code already deal with this situation in similar
fashion. I added test case 560 in an attempt to verify this fix, but
unfortunately it didn't trigger it even before this fix!
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gtls.c | 5 | ||||
| -rw-r--r-- | lib/http.c | 13 | ||||
| -rw-r--r-- | lib/sslgen.h | 1 |
3 files changed, 10 insertions, 9 deletions
diff --git a/lib/gtls.c b/lib/gtls.c index 17f40ea7d..4a3232cc7 100644 --- a/lib/gtls.c +++ b/lib/gtls.c @@ -263,6 +263,11 @@ Curl_gtls_connect(struct connectdata *conn, struct in_addr addr; #endif + if(conn->ssl[sockindex].state == ssl_connection_complete) + /* to make us tolerant against being called more than once for the + same connection */ + return CURLE_OK; + if(!gtls_inited) _Curl_gtls_init(); diff --git a/lib/http.c b/lib/http.c index 370e07a66..85d99a057 100644 --- a/lib/http.c +++ b/lib/http.c @@ -114,11 +114,13 @@ static int http_getsock_do(struct connectdata *conn, curl_socket_t *socks, int numsocks); -static CURLcode https_connecting(struct connectdata *conn, bool *done); #ifdef USE_SSL +static CURLcode https_connecting(struct connectdata *conn, bool *done); static int https_getsock(struct connectdata *conn, curl_socket_t *socks, int numsocks); +#else +#define https_connecting(x,y) CURLE_COULDNT_CONNECT #endif /* @@ -1793,18 +1795,12 @@ static int http_getsock_do(struct connectdata *conn, return GETSOCK_WRITESOCK(0); } +#ifdef USE_SSL static CURLcode https_connecting(struct connectdata *conn, bool *done) { CURLcode result; DEBUGASSERT((conn) && (conn->protocol & PROT_HTTPS)); - if(conn->ssl[FIRSTSOCKET].use) { - /* in some circumstances, this already has SSL enabled and then we don't - need to connect SSL again */ - *done = TRUE; - return CURLE_OK; - } - /* perform SSL initialization for this socket */ result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, done); if(result) @@ -1812,6 +1808,7 @@ static CURLcode https_connecting(struct connectdata *conn, bool *done) to prevent (bad) re-use or similar */ return result; } +#endif #ifdef USE_SSLEAY /* This function is OpenSSL-specific. It should be made to query the generic diff --git a/lib/sslgen.h b/lib/sslgen.h index aa3c802e0..bbe7de7e9 100644 --- a/lib/sslgen.h +++ b/lib/sslgen.h @@ -79,7 +79,6 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, #define Curl_ssl_init() 1 #define Curl_ssl_cleanup() do { } while (0) #define Curl_ssl_connect(x,y) CURLE_FAILED_INIT -#define Curl_ssl_connect_nonblocking(x,y,z) (z=z, CURLE_FAILED_INIT) #define Curl_ssl_close_all(x) #define Curl_ssl_close(x,y) #define Curl_ssl_shutdown(x,y) CURLE_FAILED_INIT |