From 571309dc3edaf1c03ff6fdfbcf551875644b5a7f Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Thu, 12 Nov 2009 11:16:31 +0000
Subject: - libcurl-NSS now tries to reconnect with TLS disabled in case it
 detects   a broken TLS server. However it does not happen if SSL version is
 selected   manually. The approach was originally taken from PSM. Kaspar Brand
 helped me   to complete the patch. Original bug reports:  
 https://bugzilla.redhat.com/525496   https://bugzilla.redhat.com/527771

---
 lib/transfer.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'lib/transfer.c')

diff --git a/lib/transfer.c b/lib/transfer.c
index e875ce309..86213f90d 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -2572,10 +2572,11 @@ CURLcode Curl_retry_request(struct connectdata *conn,
   if(data->set.upload && !(conn->protocol&PROT_HTTP))
     return CURLE_OK;
 
-  if((data->req.bytecount +
+  if(/* workaround for broken TLS servers */ data->state.ssl_connect_retry ||
+      ((data->req.bytecount +
       data->req.headerbytecount == 0) &&
      conn->bits.reuse &&
-     !data->set.opt_no_body) {
+     !data->set.opt_no_body)) {
     /* We got no data, we attempted to re-use a connection and yet we want a
        "body". This might happen if the connection was left alive when we were
        done using it before, but that was closed when we wanted to read from
-- 
cgit v1.2.3