[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 120/205: http: do not treat FTPS over CONNECT as HT
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 120/205: http: do not treat FTPS over CONNECT as HTTPS |
Date: |
Thu, 20 Apr 2017 16:21:00 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.54.0
in repository gnurl.
commit 2549831daaa3aef394f7b42e750cba1afae35642
Author: Kamil Dudka <address@hidden>
AuthorDate: Tue Mar 28 15:50:59 2017 +0200
http: do not treat FTPS over CONNECT as HTTPS
If we use FTPS over CONNECT, the TLS handshake for the FTPS control
connection needs to be initiated in the SENDPROTOCONNECT state, not
the WAITPROXYCONNECT state. Otherwise, if the TLS handshake completed
without blocking, the information about the completed TLS handshake
would be saved to a wrong flag. Consequently, the TLS handshake would
be initiated in the SENDPROTOCONNECT state once again on the same
connection, resulting in a failure of the TLS handshake. I was able to
observe the failure with the NSS backend if curl ran through valgrind.
Note that this commit partially reverts curl-7_21_6-52-ge34131d.
---
lib/http.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/http.c b/lib/http.c
index 0b680b2d6..22d454709 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -1369,7 +1369,7 @@ CURLcode Curl_http_connect(struct connectdata *conn, bool
*done)
/* nothing else to do except wait right now - we're not done here. */
return CURLE_OK;
- if(conn->given->flags & PROTOPT_SSL) {
+ if(conn->given->protocol & CURLPROTO_HTTPS) {
/* perform SSL initialization */
result = https_connecting(conn, done);
if(result)
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 89/205: tests: fixed the documented test server port numbers, (continued)
- [GNUnet-SVN] [gnurl] 89/205: tests: fixed the documented test server port numbers, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 101/205: make: introduce 'test-nonflaky' target, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 72/205: test1287: added verbose logs keyword, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 76/205: RELEASE-NOTES: synced with c25e0761d0fc49c4, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 52/205: openssl: unbreak the build after 6448f98c1857de, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 91/205: CONTRIBUTE: mention referring to github issues in commit msgs, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 86/205: darwinssl: fix typo in variable name, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 94/205: RELEASE-NOTES: typo, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 85/205: tool_operate: Fix showing HTTPS-Proxy options on CURLE_SSL_CACERT, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 113/205: .gitattributes: turn off CRLF for *.am, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 120/205: http: do not treat FTPS over CONNECT as HTTPS,
gnunet <=
- [GNUnet-SVN] [gnurl] 110/205: tests/README: make "Run" section foolproof, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 98/205: cmake: add support for building HTML and PDF docs, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 95/205: examples: comment typos in http2 examples, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 70/205: url: add option CURLOPT_SUPPRESS_CONNECT_HEADERS, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 22/205: url: split off proxy init and parsing from create_conn, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 122/205: make: use the variable MAKE for recursive calls, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 129/205: cmake: add cmake file in docs/libcurl/opts/ to dist, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 45/205: gitignore: Ignore man page dist files, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 74/205: test1440/1: depend on well-defined file: behaviour, gnunet, 2017/04/20
- [GNUnet-SVN] [gnurl] 88/205: test714/5: added HTTP as a required feature, gnunet, 2017/04/20