Changelog

Yang Tse (14 Nov 2009)

- Constantine Sapuntzakis provided the fix that ensures that an SSL connection

  won't be reused unless protection level for peer and host verification match.

Kamil Dudka (12 Nov 2009)

- Kevin Baughman provided a fix preventing libcurl-NSS from crash on doubly

  closed NSPR descriptor. The issue was hard to find, reported several times

 o progress meter/callback during FTP connection

 o DNS cache timeout while transfer in progress

 o compilation when configured --with-gssapi having GNU GSS installed

 o SSL connection reused with mismatched protection level

This release includes the following known bugs:

      /* don't do mixed SSL and non-SSL connections */

      continue;

    if(needle->protocol&PROT_SSL) {

      if((data->set.ssl.verifypeer != check->verifypeer) ||

         (data->set.ssl.verifyhost != check->verifyhost))

        continue;

    }

    if(needle->bits.proxy != check->bits.proxy)

      /* don't do mixed proxy and non-proxy connections */

      continue;

  conn->bits.ftp_use_epsv = data->set.ftp_use_epsv;

  conn->bits.ftp_use_eprt = data->set.ftp_use_eprt;

  conn->verifypeer = data->set.ssl.verifypeer;

  conn->verifyhost = data->set.ssl.verifyhost;

  if(data->multi && Curl_multi_canPipeline(data->multi) &&

      !conn->master_buffer) {

    /* Allocate master_buffer to be used for pipelining */

#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)

  int socks5_gssapi_enctype;

#endif

  long verifypeer;

  long verifyhost;

};

/* The end of connectdata. */