Commit 949ff971 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

Bug report #1812190 (http://curl.haxx.se/bug/view.cgi?id=1812190) points out 

that libcurl tried to re-use connections a bit too much when using non-SSL
protocols tunneled over a HTTP proxy.
parent b9a30598

CHANGES

+5 −0
Original line number Diff line number Diff line
@@ -6,6 +6,11 @@ 


                                  Changelog



Daniel S (23 October 2007)

- Bug report #1812190 (http://curl.haxx.se/bug/view.cgi?id=1812190) points out

  that libcurl tried to re-use connections a bit too much when using non-SSL

  protocols tunneled over a HTTP proxy.



Daniel S (22 October 2007)

- Michal Marek forwarded the bug report

  https://bugzilla.novell.com/show_bug.cgi?id=332917 about a HTTP redirect to

RELEASE-NOTES

+2 −0
Original line number Diff line number Diff line
@@ -41,6 +41,8 @@ This release includes the following bugfixes: 
 o specifying a proxy with a trailing slash didn't work (unless it also

   contained a port number)

 o redirect from HTTP to FTP memory problem

 o re-used connections a bit too much when using non-SSL protocols tunneled

   over a HTTP proxy



This release includes the following known bugs:

TODO-RELEASE

+1 −4
Original line number Diff line number Diff line 
To be addressed before 7.17.1 (planned release: November 2007)

To be addressed before 7.17.1 (planned release: late October 2007)

=============================



104 - [ curl-Bugs-1812190 ] libcurl can use wrong connection, when using

      https



106 -

lib/url.c

+11 −7
Original line number Diff line number Diff line
@@ -2399,15 +2399,19 @@ ConnectionExists(struct SessionHandle *data, 
      /* don't do mixed SSL and non-SSL connections */

      continue;



    if(!needle->bits.httpproxy || needle->protocol&PROT_SSL) {

      /* The requested connection does not use a HTTP proxy or it

         uses SSL. */



      if(!(needle->protocol&PROT_SSL) && check->bits.httpproxy)

        /* we don't do SSL but the cached connection has a proxy,

           then don't match this */

    if(needle->bits.proxy != check->bits.proxy)

      /* don't do mixed proxy and non-proxy connections */

      continue;



    if(!needle->bits.httpproxy || needle->protocol&PROT_SSL ||

       (needle->bits.httpproxy && check->bits.httpproxy &&

        needle->bits.tunnel_proxy && check->bits.tunnel_proxy &&

        strequal(needle->proxy.name, check->proxy.name) &&

        (needle->port == check->port))) {

      /* The requested connection does not use a HTTP proxy or it uses SSL or

         it is a non-SSL protocol tunneled over the same http proxy name and

         port number */



      if(strequal(needle->protostr, check->protostr) &&

         strequal(needle->host.name, check->host.name) &&

         (needle->remote_port == check->remote_port) ) {