[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 124/173: nss: make FTPS work with --proxytunnel
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 124/173: nss: make FTPS work with --proxytunnel |
Date: |
Fri, 24 Feb 2017 14:02:26 +0100 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.53.1
in repository gnurl.
commit 8fa5409800668ad5305e7517597286014c7708fb
Author: Kamil Dudka <address@hidden>
AuthorDate: Thu Feb 9 16:21:52 2017 +0100
nss: make FTPS work with --proxytunnel
If the NSS code was in the middle of a non-blocking handshake and it
was asked to finish the handshake in blocking mode, it unexpectedly
continued in the non-blocking mode, which caused a FTPS connection
over CONNECT to fail with "(81) Socket not ready for send/recv".
Bug: https://bugzilla.redhat.com/1420327
---
RELEASE-NOTES | 2 ++
lib/vtls/nss.c | 23 +++++++++++------------
2 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 0ad6d9342..0cdf29c31 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -87,6 +87,7 @@ This release includes the following bugfixes:
o telnet: Fix typos [45]
o transfer: only retry nobody-requests for HTTP [46]
o http2: reset push header counter fixes crash [47]
+ o nss: make FTPS work with --proxytunnel [48]
This release includes the following known bugs:
@@ -157,3 +158,4 @@ References to bug reports and discussions on issues:
[45] = https://curl.haxx.se/bug/?i=1245
[46] = https://curl.haxx.se/bug/?i=1243
[47] = https://curl.haxx.se/bug/?i=1249
+ [48] = https://bugzilla.redhat.com/1420327
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index aefe636eb..d5158acef 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -1612,13 +1612,14 @@ static CURLcode nss_fail_connect(struct
ssl_connect_data *connssl,
return curlerr;
}
-/* Switch the SSL socket into non-blocking mode. */
-static CURLcode nss_set_nonblock(struct ssl_connect_data *connssl,
- struct Curl_easy *data)
+/* Switch the SSL socket into blocking or non-blocking mode. */
+static CURLcode nss_set_blocking(struct ssl_connect_data *connssl,
+ struct Curl_easy *data,
+ bool blocking)
{
static PRSocketOptionData sock_opt;
sock_opt.option = PR_SockOpt_Nonblocking;
- sock_opt.value.non_blocking = PR_TRUE;
+ sock_opt.value.non_blocking = !blocking;
if(PR_SetSocketOption(connssl->handle, &sock_opt) != PR_SUCCESS)
return nss_fail_connect(connssl, data, CURLE_SSL_CONNECT_ERROR);
@@ -2007,16 +2008,14 @@ static CURLcode nss_connect_common(struct connectdata
*conn, int sockindex,
/* we do not expect CURLE_AGAIN from nss_setup_connect() */
return result;
- if(!blocking) {
- /* in non-blocking mode, set NSS non-blocking mode before handshake */
- result = nss_set_nonblock(connssl, data);
- if(result)
- return result;
- }
-
connssl->connecting_state = ssl_connect_2;
}
+ /* enable/disable blocking mode before handshake */
+ result = nss_set_blocking(connssl, data, blocking);
+ if(result)
+ return result;
+
result = nss_do_connect(conn, sockindex);
switch(result) {
case CURLE_OK:
@@ -2032,7 +2031,7 @@ static CURLcode nss_connect_common(struct connectdata
*conn, int sockindex,
if(blocking) {
/* in blocking mode, set NSS non-blocking mode _after_ SSL handshake */
- result = nss_set_nonblock(connssl, data);
+ result = nss_set_blocking(connssl, data, /* blocking */ FALSE);
if(result)
return result;
}
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 75/173: openssl: Fix random generation, (continued)
- [GNUnet-SVN] [gnurl] 75/173: openssl: Fix random generation, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 74/173: TODO: share OpenSSL contexts, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 99/173: RELEASE-NOTES; synced with ab08d82648, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 79/173: docs: non-blocking SSL handshake is now supported with NSS, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 98/173: mbedtls: disable TLS session tickets, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 132/173: smb: code indent, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 135/173: axtls: adapt to API changes, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 106/173: docs: Add more HTTPS proxy documentation, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 57/173: docs: Add note about libcurl copying strings to CURLOPT_* manpages, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 119/173: test1139: Added the --manual keyword since the manual is required, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 124/173: nss: make FTPS work with --proxytunnel,
gnunet <=
- [GNUnet-SVN] [gnurl] 93/173: INTERNALS.md: language improvements, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 110/173: CHANGES: spell fix, use correct path to script, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 78/173: CURLOPT_CONNECT_TO: Fix compile warnings, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 88/173: vtls: source indentation fix, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 170/173: tests: use consistent environment variables for setting charset, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 153/173: TLS: make SSL_VERIFYSTATUS work again, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 160/173: TODO: HTTP Digest using SHA-256, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 115/173: transfer: only retry nobody-requests for HTTP, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 114/173: telnet: Fix typos, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 130/173: http2: fix memory-leak when denying push streams, gnunet, 2017/02/24