Robson Braga Araujo fixed two problems in the recently added non-bloc…

…king SSL connects. The state machine was not reset properly so that subsequent connects using the same handle would fail, and there were two memory leaks.
curl · May 9, 2006 · 1946058 · 1946058
1 parent 73daf8c
commit 1946058
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 2 deletions.
diff --git a/CHANGES b/CHANGES
@@ -7,12 +7,41 @@
                                   Changelog
 
 Daniel (9 May 2006)
+- Robson Braga Araujo fixed two problems in the recently added non-blocking SSL
+  connects. The state machine was not reset properly so that subsequent
+  connects using the same handle would fail, and there were two memory leaks.
+
 - Robson Braga Araujo fixed a memory leak when you added an easy handle to a
   multi stack and that easy handle had already been used to do one or more
   easy interface transfers, as then the code threw away the previously used
   DNS cache without properly freeing it.
 
 Daniel (8 May 2006)
+- Dan Fandrich went over the TFTP code and he pointed out and fixed numerous
+  problems:
+
+  * The received file is corrupted when a packet is lost and retransmitted
+    (this is a serious problem!)
+
+  * Transmitting a file aborts if a block is lost and retransmitted
+
+  * Data is stored in the wrong location in the buffer for uploads, so uploads
+    always fail (I don't see how it could have ever worked, but it did on x86
+    at least)
+
+  * A number of calls are made to strerror instead of Curl_strerror, making
+    the code not thread safe
+
+  * There are references to errno instead of Curl_sockerrno(), causing
+    incorrect error messages on Windows
+
+  * The file name includes a leading / which violates RFC3617. Doing something
+    similar to ftp, where two slashes after the host name means an absolute
+    reference seems a reasonable extension to fix this.
+
+  * Failures in EBCDIC conversion are not propagated up to the caller but are
+    silently ignored
+
 - Fixed known bug #28. The TFTP code no longer assumes a packed struct and
   thus works reliably on more platforms.
 

diff --git a/lib/ssluse.c b/lib/ssluse.c
@@ -1131,7 +1131,7 @@ static void ssl_tls_trace(int direction, int ssl_ver, int content_type,
 
 static CURLcode
 Curl_ossl_connect_step1(struct connectdata *conn,
-                  int sockindex)
+                        int sockindex)
 {
   CURLcode retcode = CURLE_OK;
 
@@ -1168,6 +1168,8 @@ Curl_ossl_connect_step1(struct connectdata *conn,
     break;
   }
 
+  if (connssl->ctx)
+    SSL_CTX_free(connssl->ctx);
   connssl->ctx = SSL_CTX_new(req_method);
 
   if(!connssl->ctx) {
@@ -1193,7 +1195,7 @@ Curl_ossl_connect_step1(struct connectdata *conn,
   /* OpenSSL contains code to work-around lots of bugs and flaws in various
      SSL-implementations. SSL_CTX_set_options() is used to enabled those
      work-arounds. The man page for this option states that SSL_OP_ALL enables
-     ll the work-arounds and that "It is usually safe to use SSL_OP_ALL to
+     all the work-arounds and that "It is usually safe to use SSL_OP_ALL to
      enable the bug workaround options if compatibility with somewhat broken
      implementations is desired."
 
@@ -1279,6 +1281,8 @@ Curl_ossl_connect_step1(struct connectdata *conn,
   }
 
   /* Lets make an SSL structure */
+  if (connssl->handle)
+    SSL_free(connssl->handle);
   connssl->handle = SSL_new(connssl->ctx);
   if (!connssl->handle) {
     failf(data, "SSL: couldn't create a context (handle)!");
@@ -1638,6 +1642,9 @@ Curl_ossl_connect_common(struct connectdata *conn,
     *done = FALSE;
   }
 
+  /* Reset our connect state machine */
+  connssl->connecting_state = ssl_connect_1;
+
   return CURLE_OK;
 }