diff options
| -rw-r--r-- | CHANGES | 4 | ||||
| -rw-r--r-- | RELEASE-NOTES | 1 | ||||
| -rw-r--r-- | lib/url.c | 8 |
3 files changed, 10 insertions, 3 deletions
@@ -7,6 +7,10 @@ Changelog Daniel Stenberg (20 Nov 2009) +- Constantine Sapuntzakis identified a write after close, as the sockets were + closed by libcurl before the SSL lib were shutdown and they may write to its + socket. Detected to at least happen with OpenSSL builds. + - Jad Chamcham pointed out a bug with connection re-use. If a connection had CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the same proxy with the tunnel option disabled would still wrongly re-use that diff --git a/RELEASE-NOTES b/RELEASE-NOTES index cae130cd3..64e84e687 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -24,6 +24,7 @@ This release includes the following bugfixes: o don't store LDFLAGS in pkg-config file o never-pruned DNS cached entries o HTTP proxy tunnel re-used connection even if tunnel got disabled + o SSL lib post-close write This release includes the following known bugs: @@ -2300,6 +2300,11 @@ static void conn_free(struct connectdata *conn) if(!conn) return; + /* close the SSL stuff before we close any sockets since they will/may + write to the sockets */ + Curl_ssl_close(conn, FIRSTSOCKET); + Curl_ssl_close(conn, SECONDARYSOCKET); + /* close possibly still open sockets */ if(CURL_SOCKET_BAD != conn->sock[SECONDARYSOCKET]) sclose(conn->sock[SECONDARYSOCKET]); @@ -2336,9 +2341,6 @@ static void conn_free(struct connectdata *conn) Curl_destroy_thread_data(&conn->async); #endif - Curl_ssl_close(conn, FIRSTSOCKET); - Curl_ssl_close(conn, SECONDARYSOCKET); - Curl_free_ssl_config(&conn->ssl_config); free(conn); /* free all the connection oriented data */ |