Loading CHANGES +4 −0 Original line number Original line Diff line number Diff line Loading @@ -7,6 +7,10 @@ Changelog Changelog Daniel Stenberg (20 Nov 2009) Daniel Stenberg (20 Nov 2009) - Constantine Sapuntzakis identified a write after close, as the sockets were closed by libcurl before the SSL lib were shutdown and they may write to its socket. Detected to at least happen with OpenSSL builds. - Jad Chamcham pointed out a bug with connection re-use. If a connection had - Jad Chamcham pointed out a bug with connection re-use. If a connection had CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the same proxy with the tunnel option disabled would still wrongly re-use that same proxy with the tunnel option disabled would still wrongly re-use that Loading RELEASE-NOTES +1 −0 Original line number Original line Diff line number Diff line Loading @@ -24,6 +24,7 @@ This release includes the following bugfixes: o don't store LDFLAGS in pkg-config file o don't store LDFLAGS in pkg-config file o never-pruned DNS cached entries o never-pruned DNS cached entries o HTTP proxy tunnel re-used connection even if tunnel got disabled o HTTP proxy tunnel re-used connection even if tunnel got disabled o SSL lib post-close write This release includes the following known bugs: This release includes the following known bugs: Loading lib/url.c +5 −3 Original line number Original line Diff line number Diff line Loading @@ -2300,6 +2300,11 @@ static void conn_free(struct connectdata *conn) if(!conn) if(!conn) return; return; /* close the SSL stuff before we close any sockets since they will/may write to the sockets */ Curl_ssl_close(conn, FIRSTSOCKET); Curl_ssl_close(conn, SECONDARYSOCKET); /* close possibly still open sockets */ /* close possibly still open sockets */ if(CURL_SOCKET_BAD != conn->sock[SECONDARYSOCKET]) if(CURL_SOCKET_BAD != conn->sock[SECONDARYSOCKET]) sclose(conn->sock[SECONDARYSOCKET]); sclose(conn->sock[SECONDARYSOCKET]); Loading Loading @@ -2336,9 +2341,6 @@ static void conn_free(struct connectdata *conn) Curl_destroy_thread_data(&conn->async); Curl_destroy_thread_data(&conn->async); #endif #endif Curl_ssl_close(conn, FIRSTSOCKET); Curl_ssl_close(conn, SECONDARYSOCKET); Curl_free_ssl_config(&conn->ssl_config); Curl_free_ssl_config(&conn->ssl_config); free(conn); /* free all the connection oriented data */ free(conn); /* free all the connection oriented data */ Loading Loading
CHANGES +4 −0 Original line number Original line Diff line number Diff line Loading @@ -7,6 +7,10 @@ Changelog Changelog Daniel Stenberg (20 Nov 2009) Daniel Stenberg (20 Nov 2009) - Constantine Sapuntzakis identified a write after close, as the sockets were closed by libcurl before the SSL lib were shutdown and they may write to its socket. Detected to at least happen with OpenSSL builds. - Jad Chamcham pointed out a bug with connection re-use. If a connection had - Jad Chamcham pointed out a bug with connection re-use. If a connection had CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the CURLOPT_HTTPPROXYTUNNEL enabled over a proxy, a subsequent request using the same proxy with the tunnel option disabled would still wrongly re-use that same proxy with the tunnel option disabled would still wrongly re-use that Loading
RELEASE-NOTES +1 −0 Original line number Original line Diff line number Diff line Loading @@ -24,6 +24,7 @@ This release includes the following bugfixes: o don't store LDFLAGS in pkg-config file o don't store LDFLAGS in pkg-config file o never-pruned DNS cached entries o never-pruned DNS cached entries o HTTP proxy tunnel re-used connection even if tunnel got disabled o HTTP proxy tunnel re-used connection even if tunnel got disabled o SSL lib post-close write This release includes the following known bugs: This release includes the following known bugs: Loading
lib/url.c +5 −3 Original line number Original line Diff line number Diff line Loading @@ -2300,6 +2300,11 @@ static void conn_free(struct connectdata *conn) if(!conn) if(!conn) return; return; /* close the SSL stuff before we close any sockets since they will/may write to the sockets */ Curl_ssl_close(conn, FIRSTSOCKET); Curl_ssl_close(conn, SECONDARYSOCKET); /* close possibly still open sockets */ /* close possibly still open sockets */ if(CURL_SOCKET_BAD != conn->sock[SECONDARYSOCKET]) if(CURL_SOCKET_BAD != conn->sock[SECONDARYSOCKET]) sclose(conn->sock[SECONDARYSOCKET]); sclose(conn->sock[SECONDARYSOCKET]); Loading Loading @@ -2336,9 +2341,6 @@ static void conn_free(struct connectdata *conn) Curl_destroy_thread_data(&conn->async); Curl_destroy_thread_data(&conn->async); #endif #endif Curl_ssl_close(conn, FIRSTSOCKET); Curl_ssl_close(conn, SECONDARYSOCKET); Curl_free_ssl_config(&conn->ssl_config); Curl_free_ssl_config(&conn->ssl_config); free(conn); /* free all the connection oriented data */ free(conn); /* free all the connection oriented data */ Loading