diff --git a/CHANGES b/CHANGES index bc798bb1b..89855d74b 100644 --- a/CHANGES +++ b/CHANGES @@ -6,6 +6,11 @@ Changelog +Daniel S (23 October 2007) +- Bug report #1812190 (http://curl.haxx.se/bug/view.cgi?id=1812190) points out + that libcurl tried to re-use connections a bit too much when using non-SSL + protocols tunneled over a HTTP proxy. + Daniel S (22 October 2007) - Michal Marek forwarded the bug report https://bugzilla.novell.com/show_bug.cgi?id=332917 about a HTTP redirect to diff --git a/RELEASE-NOTES b/RELEASE-NOTES index cbc24b8ba..65d23608a 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -41,6 +41,8 @@ This release includes the following bugfixes: o specifying a proxy with a trailing slash didn't work (unless it also contained a port number) o redirect from HTTP to FTP memory problem + o re-used connections a bit too much when using non-SSL protocols tunneled + over a HTTP proxy This release includes the following known bugs: diff --git a/TODO-RELEASE b/TODO-RELEASE index 10ca2ed74..563d0372a 100644 --- a/TODO-RELEASE +++ b/TODO-RELEASE @@ -1,7 +1,4 @@ -To be addressed before 7.17.1 (planned release: November 2007) +To be addressed before 7.17.1 (planned release: late October 2007) ============================= -104 - [ curl-Bugs-1812190 ] libcurl can use wrong connection, when using - https - 106 - diff --git a/lib/url.c b/lib/url.c index 1fc11f1c7..9d6be5315 100644 --- a/lib/url.c +++ b/lib/url.c @@ -2399,14 +2399,18 @@ ConnectionExists(struct SessionHandle *data, /* don't do mixed SSL and non-SSL connections */ continue; - if(!needle->bits.httpproxy || needle->protocol&PROT_SSL) { - /* The requested connection does not use a HTTP proxy or it - uses SSL. */ + if(needle->bits.proxy != check->bits.proxy) + /* don't do mixed proxy and non-proxy connections */ + continue; - if(!(needle->protocol&PROT_SSL) && check->bits.httpproxy) - /* we don't do SSL but the cached connection has a proxy, - then don't match this */ - continue; + if(!needle->bits.httpproxy || needle->protocol&PROT_SSL || + (needle->bits.httpproxy && check->bits.httpproxy && + needle->bits.tunnel_proxy && check->bits.tunnel_proxy && + strequal(needle->proxy.name, check->proxy.name) && + (needle->port == check->port))) { + /* The requested connection does not use a HTTP proxy or it uses SSL or + it is a non-SSL protocol tunneled over the same http proxy name and + port number */ if(strequal(needle->protostr, check->protostr) && strequal(needle->host.name, check->host.name) &&