- Stefan Krause reported a case where the OpenSSL handshake phase wasn't
properly acknowledging the timeout values, like if you pulled the network plug in the midst of it.
This commit is contained in:
4
CHANGES
4
CHANGES
@@ -8,6 +8,10 @@
|
|||||||
|
|
||||||
|
|
||||||
Daniel Stenberg (14 Apr 2008)
|
Daniel Stenberg (14 Apr 2008)
|
||||||
|
- Stefan Krause reported a case where the OpenSSL handshake phase wasn't
|
||||||
|
properly acknowledging the timeout values, like if you pulled the network
|
||||||
|
plug in the midst of it.
|
||||||
|
|
||||||
- Andre Guibert de Bruet fixed a second case of not checking the malloc()
|
- Andre Guibert de Bruet fixed a second case of not checking the malloc()
|
||||||
return code in the Negotiate code.
|
return code in the Negotiate code.
|
||||||
|
|
||||||
|
@@ -38,6 +38,6 @@ This release would not have looked like this without help, code, reports and
|
|||||||
advice from friends like these:
|
advice from friends like these:
|
||||||
|
|
||||||
Michal Marek, Daniel Fandrich, Scott Barrett, Alexey Simak, Daniel Black,
|
Michal Marek, Daniel Fandrich, Scott Barrett, Alexey Simak, Daniel Black,
|
||||||
Rafa Muyo, Andre Guibert de Bruet, Brock Noland, Sandor Feldi
|
Rafa Muyo, Andre Guibert de Bruet, Brock Noland, Sandor Feldi, Stefan Krause
|
||||||
|
|
||||||
Thanks! (and sorry if I forgot to mention someone)
|
Thanks! (and sorry if I forgot to mention someone)
|
||||||
|
31
lib/ssluse.c
31
lib/ssluse.c
@@ -1497,8 +1497,7 @@ ossl_connect_step1(struct connectdata *conn,
|
|||||||
}
|
}
|
||||||
|
|
||||||
static CURLcode
|
static CURLcode
|
||||||
ossl_connect_step2(struct connectdata *conn,
|
ossl_connect_step2(struct connectdata *conn, int sockindex)
|
||||||
int sockindex, long *timeout_ms)
|
|
||||||
{
|
{
|
||||||
struct SessionHandle *data = conn->data;
|
struct SessionHandle *data = conn->data;
|
||||||
int err;
|
int err;
|
||||||
@@ -1508,15 +1507,6 @@ ossl_connect_step2(struct connectdata *conn,
|
|||||||
|| ssl_connect_2_reading == connssl->connecting_state
|
|| ssl_connect_2_reading == connssl->connecting_state
|
||||||
|| ssl_connect_2_writing == connssl->connecting_state);
|
|| ssl_connect_2_writing == connssl->connecting_state);
|
||||||
|
|
||||||
/* Find out how much more time we're allowed */
|
|
||||||
*timeout_ms = Curl_timeleft(conn, NULL, TRUE);
|
|
||||||
|
|
||||||
if(*timeout_ms < 0) {
|
|
||||||
/* no need to continue if time already is up */
|
|
||||||
failf(data, "SSL connection timeout");
|
|
||||||
return CURLE_OPERATION_TIMEDOUT;
|
|
||||||
}
|
|
||||||
|
|
||||||
err = SSL_connect(connssl->handle);
|
err = SSL_connect(connssl->handle);
|
||||||
|
|
||||||
/* 1 is fine
|
/* 1 is fine
|
||||||
@@ -1767,6 +1757,14 @@ ossl_connect_common(struct connectdata *conn,
|
|||||||
long timeout_ms;
|
long timeout_ms;
|
||||||
|
|
||||||
if(ssl_connect_1==connssl->connecting_state) {
|
if(ssl_connect_1==connssl->connecting_state) {
|
||||||
|
/* Find out how much more time we're allowed */
|
||||||
|
timeout_ms = Curl_timeleft(conn, NULL, TRUE);
|
||||||
|
|
||||||
|
if(timeout_ms < 0) {
|
||||||
|
/* no need to continue if time already is up */
|
||||||
|
failf(data, "SSL connection timeout");
|
||||||
|
return CURLE_OPERATION_TIMEDOUT;
|
||||||
|
}
|
||||||
retcode = ossl_connect_step1(conn, sockindex);
|
retcode = ossl_connect_step1(conn, sockindex);
|
||||||
if(retcode)
|
if(retcode)
|
||||||
return retcode;
|
return retcode;
|
||||||
@@ -1777,6 +1775,15 @@ ossl_connect_common(struct connectdata *conn,
|
|||||||
ssl_connect_2_reading == connssl->connecting_state ||
|
ssl_connect_2_reading == connssl->connecting_state ||
|
||||||
ssl_connect_2_writing == connssl->connecting_state) {
|
ssl_connect_2_writing == connssl->connecting_state) {
|
||||||
|
|
||||||
|
/* check allowed time left */
|
||||||
|
timeout_ms = Curl_timeleft(conn, NULL, TRUE);
|
||||||
|
|
||||||
|
if(timeout_ms < 0) {
|
||||||
|
/* no need to continue if time already is up */
|
||||||
|
failf(data, "SSL connection timeout");
|
||||||
|
return CURLE_OPERATION_TIMEDOUT;
|
||||||
|
}
|
||||||
|
|
||||||
/* if ssl is expecting something, check if it's available. */
|
/* if ssl is expecting something, check if it's available. */
|
||||||
if(connssl->connecting_state == ssl_connect_2_reading
|
if(connssl->connecting_state == ssl_connect_2_reading
|
||||||
|| connssl->connecting_state == ssl_connect_2_writing) {
|
|| connssl->connecting_state == ssl_connect_2_writing) {
|
||||||
@@ -1812,7 +1819,7 @@ ossl_connect_common(struct connectdata *conn,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* get the timeout from step2 to avoid computing it twice. */
|
/* get the timeout from step2 to avoid computing it twice. */
|
||||||
retcode = ossl_connect_step2(conn, sockindex, &timeout_ms);
|
retcode = ossl_connect_step2(conn, sockindex);
|
||||||
if(retcode)
|
if(retcode)
|
||||||
return retcode;
|
return retcode;
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user