From 315e5277dc297407d98e0b017fc325e86657738a Mon Sep 17 00:00:00 2001
From: Heinrich Ko <Heinrich.Ko@am.sony.com>
Date: Thu, 18 Nov 2010 14:07:57 -0800
Subject: [PATCH] ossl_connect_common: detect connection re-use

ossl_connect_common() now checks whether or not 'struct
connectdata->state' is equal 'ssl_connection_complete' and if so, will
return CURLE_OK with 'done' set to 'TRUE'. This check prevents
ossl_connect_common() from creating a new ssl connection on an existing
ssl session which causes openssl to fail when it tries to parse an
encrypted TLS packet since the cipher data was effectively thrown away
when the new ssl connection was created.

Bug: http://curl.haxx.se/mail/lib-2010-11/0169.html
---
 lib/ssluse.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/ssluse.c b/lib/ssluse.c
index d0eaadede2..d8f7760181 100644
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -2371,6 +2371,12 @@ ossl_connect_common(struct connectdata *conn,
   long timeout_ms;
   int what;
 
+  /* check if the connection has already been established */
+  if(ssl_connection_complete == connssl->state) {
+    *done = TRUE;
+    return CURLE_OK;
+  }
+
   if(ssl_connect_1==connssl->connecting_state) {
     /* Find out how much more time we're allowed */
     timeout_ms = Curl_timeleft(conn, NULL, TRUE);
-- 
GitLab