Unverified Commit 4939f365 authored by Laurent Bonnans's avatar Laurent Bonnans Committed by Daniel Stenberg
Browse files

vtls: reinstantiate engine on duplicated handles 

Handles created with curl_easy_duphandle do not use the SSL engine set
up in the original handle. This fixes the issue by storing the engine
name in the internal url state and setting the engine from its name
inside curl_easy_duphandle.

Reported-by: Anton Gerasimov
Signed-of-by: Laurent Bonnans
Fixes #2829
Closes #2833
parent c7ea4ddd

lib/easy.c

+7 −0
Original line number Diff line number Diff line
@@ -958,6 +958,13 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy *data) 
    outcurl->change.referer_alloc = TRUE;

  }



  /* Reinitialize an SSL engine for the new handle

   * note: the engine name has already been copied by dupset */

  if(outcurl->set.str[STRING_SSL_ENGINE]) {

    if(Curl_ssl_set_engine(outcurl, outcurl->set.str[STRING_SSL_ENGINE]))

      goto fail;

  }



  /* Clone the resolver handle, if present, for the new handle */

  if(Curl_resolver_duphandle(&outcurl->state.resolver,

                             data->state.resolver))

lib/setopt.c

+7 −2
Original line number Diff line number Diff line
@@ -1603,14 +1603,19 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, 
     * String that holds the SSL crypto engine.

     */

    argptr = va_arg(param, char *);

    if(argptr && argptr[0])

    if(argptr && argptr[0]) {

      result = Curl_setstropt(&data->set.str[STRING_SSL_ENGINE], argptr);

      if(!result) {

        result = Curl_ssl_set_engine(data, argptr);

      }

    }

    break;



  case CURLOPT_SSLENGINE_DEFAULT:

    /*

     * flag to set engine as default.

     */

    Curl_setstropt(&data->set.str[STRING_SSL_ENGINE], NULL);

    result = Curl_ssl_set_engine_default(data);

    break;

  case CURLOPT_CRLF:

lib/urldata.h

+1 −0
Original line number Diff line number Diff line
@@ -1404,6 +1404,7 @@ enum dupstring { 
  STRING_SSL_CRLFILE_PROXY, /* crl file to check certificate */

  STRING_SSL_ISSUERCERT_ORIG, /* issuer cert file to check certificate */

  STRING_SSL_ISSUERCERT_PROXY, /* issuer cert file to check certificate */

  STRING_SSL_ENGINE,      /* name of ssl engine */

  STRING_USERNAME,        /* <username>, if used */

  STRING_PASSWORD,        /* <password>, if used */

  STRING_OPTIONS,         /* <options>, if used */