From c4a694862c69f2b63c6b775cd6fdf1a7afcc0a52 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 22 Sep 2008 20:42:13 +0000 Subject: [PATCH] - Michael Goffioul filed bug report #2107377 "Problem with mutli + GnuTLS + proxy" (http://curl.haxx.se/bug/view.cgi?id=2107377) that showed how a multi interface using program didn't work when built with GnuTLS and a CONNECT request was done over a proxy (basically test 502 over a proxy to a HTTPS site). It turned out the ssl connect function would get called twice which caused the second call to fail. --- CHANGES | 8 ++++++++ RELEASE-NOTES | 3 ++- lib/http.c | 7 +++++++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 81045003b..912991fc6 100644 --- a/CHANGES +++ b/CHANGES @@ -6,6 +6,14 @@ Changelog +Daniel Stenberg (22 Sep 2008) +- Michael Goffioul filed bug report #2107377 "Problem with mutli + GnuTLS + + proxy" (http://curl.haxx.se/bug/view.cgi?id=2107377) that showed how a multi + interface using program didn't work when built with GnuTLS and a CONNECT + request was done over a proxy (basically test 502 over a proxy to a HTTPS + site). It turned out the ssl connect function would get called twice which + caused the second call to fail. + Daniel Fandrich (22 Sep 2008) - Fixed test 539 to handle an out of memory condition that shows up now that memdebug.h is included in the test programs. diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 2901dd2a6..185457c61 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -22,6 +22,7 @@ This release includes the following bugfixes: o cookie with invalid expire dates are now considered expired o HTTP pipelining over proxy o fix regression in configure script which affected OpenSSL builds on MSYS + o GnuTLS-based multi interface doing HTTPS over proxy failed This release includes the following known bugs: @@ -36,6 +37,6 @@ advice from friends like these: Keith Mok, Yang Tse, Daniel Fandrich, Guenter Knauf, Dmitriy Sergeyev, Linus Nielsen Feltzing, Martin Drasar, Stefan Krause, Dmitry Kurochkin, - Mike Revi, Andres Garcia + Mike Revi, Andres Garcia, Michael Goffioul Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/http.c b/lib/http.c index b57d9b592..b60345b08 100644 --- a/lib/http.c +++ b/lib/http.c @@ -1814,6 +1814,13 @@ static CURLcode https_connecting(struct connectdata *conn, bool *done) CURLcode result; DEBUGASSERT((conn) && (conn->protocol & PROT_HTTPS)); + if(conn->ssl[FIRSTSOCKET].use) { + /* in some circumstances, this already has SSL enabled and then we don't + need to connect SSL again */ + *done = TRUE; + return CURLE_OK; + } + /* perform SSL initialization for this socket */ result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, done); if(result) {