From 53a549000c3634f6b0a5ed262d5834c3145885d7 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 20 Feb 2008 09:56:26 +0000
Subject: - Based on initial work done by Gautam Kachroo to address a bug, we
 now keep   better control at the exact state of the connection's SSL status
 so that we   know exactly when it has completed the SSL negotiation or not so
 that there   won't be accidental re-uses of connections that are wrongly
 believed to be   in SSL-completed-negotiate state.

---
 lib/url.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

(limited to 'lib/url.c')

diff --git a/lib/url.c b/lib/url.c
index 71a533d25..3c3605c1a 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2439,10 +2439,17 @@ ConnectionExists(struct SessionHandle *data,
              ssl options as well */
           if(!Curl_ssl_config_matches(&needle->ssl_config,
                                       &check->ssl_config)) {
-            infof(data,
-                  "Connection #%ld has different SSL parameters, "
-                  "can't reuse\n",
-                  check->connectindex );
+            DEBUGF(infof(data,
+                         "Connection #%ld has different SSL parameters, "
+                         "can't reuse\n",
+                         check->connectindex));
+            continue;
+          }
+          else if(check->ssl[FIRSTSOCKET].state != ssl_connection_complete) {
+            DEBUGF(infof(data,
+                         "Connection #%ld has not started ssl connect, "
+                         "can't reuse\n",
+                         check->connectindex));
             continue;
           }
         }
-- 
cgit v1.2.3