From 315e5277dc297407d98e0b017fc325e86657738a Mon Sep 17 00:00:00 2001 From: Heinrich Ko Date: Thu, 18 Nov 2010 14:07:57 -0800 Subject: ossl_connect_common: detect connection re-use ossl_connect_common() now checks whether or not 'struct connectdata->state' is equal 'ssl_connection_complete' and if so, will return CURLE_OK with 'done' set to 'TRUE'. This check prevents ossl_connect_common() from creating a new ssl connection on an existing ssl session which causes openssl to fail when it tries to parse an encrypted TLS packet since the cipher data was effectively thrown away when the new ssl connection was created. Bug: http://curl.haxx.se/mail/lib-2010-11/0169.html --- lib/ssluse.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/ssluse.c b/lib/ssluse.c index d0eaadede..d8f776018 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -2371,6 +2371,12 @@ ossl_connect_common(struct connectdata *conn, long timeout_ms; int what; + /* check if the connection has already been established */ + if(ssl_connection_complete == connssl->state) { + *done = TRUE; + return CURLE_OK; + } + if(ssl_connect_1==connssl->connecting_state) { /* Find out how much more time we're allowed */ timeout_ms = Curl_timeleft(conn, NULL, TRUE); -- cgit v1.2.3