mirror of
https://github.com/moparisthebest/curl
synced 2024-08-13 17:03:50 -04:00
nss: make FTPS work with --proxytunnel
If the NSS code was in the middle of a non-blocking handshake and it was asked to finish the handshake in blocking mode, it unexpectedly continued in the non-blocking mode, which caused a FTPS connection over CONNECT to fail with "(81) Socket not ready for send/recv". Bug: https://bugzilla.redhat.com/1420327
This commit is contained in:
parent
bef0d00110
commit
8fa5409800
@ -87,6 +87,7 @@ This release includes the following bugfixes:
|
|||||||
o telnet: Fix typos [45]
|
o telnet: Fix typos [45]
|
||||||
o transfer: only retry nobody-requests for HTTP [46]
|
o transfer: only retry nobody-requests for HTTP [46]
|
||||||
o http2: reset push header counter fixes crash [47]
|
o http2: reset push header counter fixes crash [47]
|
||||||
|
o nss: make FTPS work with --proxytunnel [48]
|
||||||
|
|
||||||
This release includes the following known bugs:
|
This release includes the following known bugs:
|
||||||
|
|
||||||
@ -157,3 +158,4 @@ References to bug reports and discussions on issues:
|
|||||||
[45] = https://curl.haxx.se/bug/?i=1245
|
[45] = https://curl.haxx.se/bug/?i=1245
|
||||||
[46] = https://curl.haxx.se/bug/?i=1243
|
[46] = https://curl.haxx.se/bug/?i=1243
|
||||||
[47] = https://curl.haxx.se/bug/?i=1249
|
[47] = https://curl.haxx.se/bug/?i=1249
|
||||||
|
[48] = https://bugzilla.redhat.com/1420327
|
||||||
|
@ -1612,13 +1612,14 @@ static CURLcode nss_fail_connect(struct ssl_connect_data *connssl,
|
|||||||
return curlerr;
|
return curlerr;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Switch the SSL socket into non-blocking mode. */
|
/* Switch the SSL socket into blocking or non-blocking mode. */
|
||||||
static CURLcode nss_set_nonblock(struct ssl_connect_data *connssl,
|
static CURLcode nss_set_blocking(struct ssl_connect_data *connssl,
|
||||||
struct Curl_easy *data)
|
struct Curl_easy *data,
|
||||||
|
bool blocking)
|
||||||
{
|
{
|
||||||
static PRSocketOptionData sock_opt;
|
static PRSocketOptionData sock_opt;
|
||||||
sock_opt.option = PR_SockOpt_Nonblocking;
|
sock_opt.option = PR_SockOpt_Nonblocking;
|
||||||
sock_opt.value.non_blocking = PR_TRUE;
|
sock_opt.value.non_blocking = !blocking;
|
||||||
|
|
||||||
if(PR_SetSocketOption(connssl->handle, &sock_opt) != PR_SUCCESS)
|
if(PR_SetSocketOption(connssl->handle, &sock_opt) != PR_SUCCESS)
|
||||||
return nss_fail_connect(connssl, data, CURLE_SSL_CONNECT_ERROR);
|
return nss_fail_connect(connssl, data, CURLE_SSL_CONNECT_ERROR);
|
||||||
@ -2007,16 +2008,14 @@ static CURLcode nss_connect_common(struct connectdata *conn, int sockindex,
|
|||||||
/* we do not expect CURLE_AGAIN from nss_setup_connect() */
|
/* we do not expect CURLE_AGAIN from nss_setup_connect() */
|
||||||
return result;
|
return result;
|
||||||
|
|
||||||
if(!blocking) {
|
|
||||||
/* in non-blocking mode, set NSS non-blocking mode before handshake */
|
|
||||||
result = nss_set_nonblock(connssl, data);
|
|
||||||
if(result)
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
|
|
||||||
connssl->connecting_state = ssl_connect_2;
|
connssl->connecting_state = ssl_connect_2;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* enable/disable blocking mode before handshake */
|
||||||
|
result = nss_set_blocking(connssl, data, blocking);
|
||||||
|
if(result)
|
||||||
|
return result;
|
||||||
|
|
||||||
result = nss_do_connect(conn, sockindex);
|
result = nss_do_connect(conn, sockindex);
|
||||||
switch(result) {
|
switch(result) {
|
||||||
case CURLE_OK:
|
case CURLE_OK:
|
||||||
@ -2032,7 +2031,7 @@ static CURLcode nss_connect_common(struct connectdata *conn, int sockindex,
|
|||||||
|
|
||||||
if(blocking) {
|
if(blocking) {
|
||||||
/* in blocking mode, set NSS non-blocking mode _after_ SSL handshake */
|
/* in blocking mode, set NSS non-blocking mode _after_ SSL handshake */
|
||||||
result = nss_set_nonblock(connssl, data);
|
result = nss_set_blocking(connssl, data, /* blocking */ FALSE);
|
||||||
if(result)
|
if(result)
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user