diff options
| -rw-r--r-- | CHANGES | 15 | ||||
| -rw-r--r-- | RELEASE-NOTES | 4 | ||||
| -rw-r--r-- | lib/gtls.c | 5 | ||||
| -rw-r--r-- | lib/http.c | 13 | ||||
| -rw-r--r-- | lib/sslgen.h | 1 |
5 files changed, 28 insertions, 10 deletions
@@ -6,6 +6,21 @@ Changelog +Daniel Stenberg (11 Nov 2008) +- Rainer Canavan filed bug #2255627 + (http://curl.haxx.se/bug/view.cgi?id=2255627) which pointed out that a + program using libcurl's multi interface to download a HTTPS page with a + libcurl built powered by OpenSSL, would easily get silly and instead hand + over SSL details as data instead of the actual HTTP headers and body. This + happened because libcurl would consider the connection handshake done too + early. This problem was introduced at September 22nd 2008 with my fix of the + bug #2107377 + + The correct fix is now instead done within the GnuTLS-handling code, as both + the OpenSSL and the NSS code already deal with this situation in similar + fashion. I added test case 560 in an attempt to verify this fix, but + unfortunately it didn't trigger it even before this fix! + Yang Tse (11 Nov 2008) - Related with bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535) Daniel Fandrich noticed that curl_addrinfo was also missing in the build diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 600ca17f0..20179ccd0 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -15,6 +15,8 @@ This release includes the following bugfixes: o build failure when using MSVC 6 makefile and on four platforms more o crash when using --interface name on Linux systems with a TEQL device + o using the multi interface to download a HTTPS page with libcurl built + powered by OpenSSL could download "rubbish" instead of actual content This release includes the following known bugs: @@ -27,6 +29,6 @@ Other curl-related news: This release would not have looked like this without help, code, reports and advice from friends like these: - John Wilkinson, Adam Sampson, Daniel Fandrich, Yang Tse + John Wilkinson, Adam Sampson, Daniel Fandrich, Yang Tse, Rainer Canavan Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/gtls.c b/lib/gtls.c index 17f40ea7d..4a3232cc7 100644 --- a/lib/gtls.c +++ b/lib/gtls.c @@ -263,6 +263,11 @@ Curl_gtls_connect(struct connectdata *conn, struct in_addr addr; #endif + if(conn->ssl[sockindex].state == ssl_connection_complete) + /* to make us tolerant against being called more than once for the + same connection */ + return CURLE_OK; + if(!gtls_inited) _Curl_gtls_init(); diff --git a/lib/http.c b/lib/http.c index 370e07a66..85d99a057 100644 --- a/lib/http.c +++ b/lib/http.c @@ -114,11 +114,13 @@ static int http_getsock_do(struct connectdata *conn, curl_socket_t *socks, int numsocks); -static CURLcode https_connecting(struct connectdata *conn, bool *done); #ifdef USE_SSL +static CURLcode https_connecting(struct connectdata *conn, bool *done); static int https_getsock(struct connectdata *conn, curl_socket_t *socks, int numsocks); +#else +#define https_connecting(x,y) CURLE_COULDNT_CONNECT #endif /* @@ -1793,18 +1795,12 @@ static int http_getsock_do(struct connectdata *conn, return GETSOCK_WRITESOCK(0); } +#ifdef USE_SSL static CURLcode https_connecting(struct connectdata *conn, bool *done) { CURLcode result; DEBUGASSERT((conn) && (conn->protocol & PROT_HTTPS)); - if(conn->ssl[FIRSTSOCKET].use) { - /* in some circumstances, this already has SSL enabled and then we don't - need to connect SSL again */ - *done = TRUE; - return CURLE_OK; - } - /* perform SSL initialization for this socket */ result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, done); if(result) @@ -1812,6 +1808,7 @@ static CURLcode https_connecting(struct connectdata *conn, bool *done) to prevent (bad) re-use or similar */ return result; } +#endif #ifdef USE_SSLEAY /* This function is OpenSSL-specific. It should be made to query the generic diff --git a/lib/sslgen.h b/lib/sslgen.h index aa3c802e0..bbe7de7e9 100644 --- a/lib/sslgen.h +++ b/lib/sslgen.h @@ -79,7 +79,6 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, #define Curl_ssl_init() 1 #define Curl_ssl_cleanup() do { } while (0) #define Curl_ssl_connect(x,y) CURLE_FAILED_INIT -#define Curl_ssl_connect_nonblocking(x,y,z) (z=z, CURLE_FAILED_INIT) #define Curl_ssl_close_all(x) #define Curl_ssl_close(x,y) #define Curl_ssl_shutdown(x,y) CURLE_FAILED_INIT |