vtls: only store TIMER_APPCONNECT for non-proxy connect

Introducing a 'isproxy' argument to the connect function so that it knows wether to store the time stamp or not. Reported-by: Yongkang Huang Fixes #7274 Closes #7274
2021-06-18 10:18:39 +02:00 · 2021-06-18 10:18:39 +02:00 · a6da296867
parent bfa0309175
commit a6da296867
9 changed files with 20 additions and 16 deletions
--- a/lib/http.c
+++ b/lib/http.c
@ -1588,7 +1588,7 @@ static CURLcode https_connecting(struct Curl_easy *data, bool *done)
 #endif

  /* perform SSL initialization for this socket */
-  result = Curl_ssl_connect_nonblocking(data, conn, FIRSTSOCKET, done);
+  result = Curl_ssl_connect_nonblocking(data, conn, FALSE, FIRSTSOCKET, done);
  if(result)
    connclose(conn, "Failed HTTPS connection");

--- a/lib/http_proxy.c
+++ b/lib/http_proxy.c
@ -61,7 +61,7 @@ static CURLcode https_proxy_connect(struct Curl_easy *data, int sockindex)
  if(!conn->bits.proxy_ssl_connected[sockindex]) {
    /* perform SSL initialization for this socket */
    result =
-      Curl_ssl_connect_nonblocking(data, conn, sockindex,
+      Curl_ssl_connect_nonblocking(data, conn, TRUE, sockindex,
                                   &conn->bits.proxy_ssl_connected[sockindex]);
    if(result)
      /* a failed connection is marked for closure to prevent (bad) re-use or
--- a/lib/imap.c
+++ b/lib/imap.c
@ -475,8 +475,8 @@ static CURLcode imap_perform_upgrade_tls(struct Curl_easy *data,
 {
  /* Start the SSL connection */
  struct imap_conn *imapc = &conn->proto.imapc;
-  CURLcode result = Curl_ssl_connect_nonblocking(data, conn, FIRSTSOCKET,
-                                                 &imapc->ssldone);
+  CURLcode result = Curl_ssl_connect_nonblocking(data, conn, FALSE,
+                                                 FIRSTSOCKET, &imapc->ssldone);

  if(!result) {
    if(imapc->state != IMAP_UPGRADETLS)
@ -1369,7 +1369,7 @@ static CURLcode imap_multi_statemach(struct Curl_easy *data, bool *done)
  struct imap_conn *imapc = &conn->proto.imapc;

  if((conn->handler->flags & PROTOPT_SSL) && !imapc->ssldone) {
-    result = Curl_ssl_connect_nonblocking(data, conn,
+    result = Curl_ssl_connect_nonblocking(data, conn, FALSE,
                                          FIRSTSOCKET, &imapc->ssldone);
    if(result || !imapc->ssldone)
      return result;
--- a/lib/openldap.c
+++ b/lib/openldap.c
@ -247,7 +247,7 @@ static CURLcode oldap_connect(struct Curl_easy *data, bool *done)
 #ifdef USE_SSL
  if(conn->handler->flags & PROTOPT_SSL) {
    CURLcode result;
-    result = Curl_ssl_connect_nonblocking(data, conn,
+    result = Curl_ssl_connect_nonblocking(data, conn, FALSE,
                                          FIRSTSOCKET, &li->ssldone);
    if(result)
      return result;
@ -270,7 +270,8 @@ static CURLcode oldap_connecting(struct Curl_easy *data, bool *done)
  if(conn->handler->flags & PROTOPT_SSL) {
    /* Is the SSL handshake complete yet? */
    if(!li->ssldone) {
-      CURLcode result = Curl_ssl_connect_nonblocking(data, conn, FIRSTSOCKET,
+      CURLcode result = Curl_ssl_connect_nonblocking(data, conn, FALSE,
+                                                     FIRSTSOCKET,
                                                     &li->ssldone);
      if(result || !li->ssldone)
        return result;
--- a/lib/pop3.c
+++ b/lib/pop3.c
@ -370,8 +370,9 @@ static CURLcode pop3_perform_upgrade_tls(struct Curl_easy *data,
 {
  /* Start the SSL connection */
  struct pop3_conn *pop3c = &conn->proto.pop3c;
-  CURLcode result = Curl_ssl_connect_nonblocking(data, conn, FIRSTSOCKET,
-                                                 &pop3c->ssldone);
+  CURLcode result =
+    Curl_ssl_connect_nonblocking(data, conn, FALSE, FIRSTSOCKET,
+                                 &pop3c->ssldone);

  if(!result) {
    if(pop3c->state != POP3_UPGRADETLS)
@ -1031,7 +1032,7 @@ static CURLcode pop3_multi_statemach(struct Curl_easy *data, bool *done)
  struct pop3_conn *pop3c = &conn->proto.pop3c;

  if((conn->handler->flags & PROTOPT_SSL) && !pop3c->ssldone) {
-    result = Curl_ssl_connect_nonblocking(data, conn,
+    result = Curl_ssl_connect_nonblocking(data, conn, FALSE,
                                          FIRSTSOCKET, &pop3c->ssldone);
    if(result || !pop3c->ssldone)
      return result;
--- a/lib/smb.c
+++ b/lib/smb.c
@ -670,7 +670,7 @@ static CURLcode smb_connection_state(struct Curl_easy *data, bool *done)
 #ifdef USE_SSL
    if((conn->handler->flags & PROTOPT_SSL)) {
      bool ssl_done = FALSE;
-      result = Curl_ssl_connect_nonblocking(data, conn,
+      result = Curl_ssl_connect_nonblocking(data, conn, FALSE,
                                            FIRSTSOCKET, &ssl_done);
      if(result && result != CURLE_AGAIN)
        return result;
--- a/lib/smtp.c
+++ b/lib/smtp.c
@ -397,7 +397,8 @@ static CURLcode smtp_perform_upgrade_tls(struct Curl_easy *data)
  /* Start the SSL connection */
  struct connectdata *conn = data->conn;
  struct smtp_conn *smtpc = &conn->proto.smtpc;
-  CURLcode result = Curl_ssl_connect_nonblocking(data, conn, FIRSTSOCKET,
+  CURLcode result = Curl_ssl_connect_nonblocking(data, conn, FALSE,
+                                                 FIRSTSOCKET,
                                                 &smtpc->ssldone);

  if(!result) {
@ -1258,7 +1259,7 @@ static CURLcode smtp_multi_statemach(struct Curl_easy *data, bool *done)
  struct smtp_conn *smtpc = &conn->proto.smtpc;

  if((conn->handler->flags & PROTOPT_SSL) && !smtpc->ssldone) {
-    result = Curl_ssl_connect_nonblocking(data, conn,
+    result = Curl_ssl_connect_nonblocking(data, conn, FALSE,
                                          FIRSTSOCKET, &smtpc->ssldone);
    if(result || !smtpc->ssldone)
      return result;
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@ -326,7 +326,7 @@ Curl_ssl_connect(struct Curl_easy *data, struct connectdata *conn,

 CURLcode
 Curl_ssl_connect_nonblocking(struct Curl_easy *data, struct connectdata *conn,
-                             int sockindex, bool *done)
+                             bool isproxy, int sockindex, bool *done)
 {
  CURLcode result;

@ -345,7 +345,7 @@ Curl_ssl_connect_nonblocking(struct Curl_easy *data, struct connectdata *conn,
  result = Curl_ssl->connect_nonblocking(data, conn, sockindex, done);
  if(result)
    conn->ssl[sockindex].use = FALSE;
-  else if(*done)
+  else if(*done && !isproxy)
    Curl_pgrsTime(data, TIMER_APPCONNECT); /* SSL is connected */
  return result;
 }
--- a/lib/vtls/vtls.h
+++ b/lib/vtls/vtls.h
@ -193,6 +193,7 @@ CURLcode Curl_ssl_connect(struct Curl_easy *data, struct connectdata *conn,
                          int sockindex);
 CURLcode Curl_ssl_connect_nonblocking(struct Curl_easy *data,
                                      struct connectdata *conn,
+                                      bool isproxy,
                                      int sockindex,
                                      bool *done);
 /* tell the SSL stuff to close down all open information regarding
@ -313,7 +314,7 @@ void Curl_ssl_detach_conn(struct Curl_easy *data,
 #define Curl_ssl_data_pending(x,y) 0
 #define Curl_ssl_check_cxn(x) 0
 #define Curl_ssl_free_certinfo(x) Curl_nop_stmt
-#define Curl_ssl_connect_nonblocking(x,y,z,w) CURLE_NOT_BUILT_IN
+#define Curl_ssl_connect_nonblocking(x,y,z,w,a) CURLE_NOT_BUILT_IN
 #define Curl_ssl_kill_session(x) Curl_nop_stmt
 #define Curl_ssl_random(x,y,z) ((void)x, CURLE_NOT_BUILT_IN)
 #define Curl_ssl_cert_status_request() FALSE