switch SSL socket into non-blocking mode after handshake

This commit is contained in:
Kamil Dudka 2013-03-06 16:22:56 +01:00
parent a141f7cc41
commit 1b38b7c587
2 changed files with 55 additions and 1 deletions

View File

@ -0,0 +1,47 @@
From 8d25353ae1661ce50fe564e733f3ef45004f4bdf Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Tue, 5 Mar 2013 17:51:01 +0100
Subject: [PATCH] nss: fix misplaced code enabling non-blocking socket mode
The option needs to be set on the SSL socket. Setting it on the model
takes no effect. Note that the non-blocking mode is still not enabled
for the handshake because the code is not yet ready for that.
[upstream commit 9d0af3018c5db25f5adda216dbcad6056b4a3107]
---
lib/nss.c | 12 ++++++------
1 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/nss.c b/lib/nss.c
index 8a2cb09..a2c5c63 100644
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -1237,12 +1237,6 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
goto error;
model = SSL_ImportFD(NULL, model);
- /* make the socket nonblocking */
- sock_opt.option = PR_SockOpt_Nonblocking;
- sock_opt.value.non_blocking = PR_TRUE;
- if(PR_SetSocketOption(model, &sock_opt) != PR_SUCCESS)
- goto error;
-
if(SSL_OptionSet(model, SSL_SECURITY, PR_TRUE) != SECSuccess)
goto error;
if(SSL_OptionSet(model, SSL_HANDSHAKE_AS_SERVER, PR_FALSE) != SECSuccess)
@@ -1415,6 +1409,12 @@ CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
goto error;
}
+ /* switch the SSL socket into non-blocking mode */
+ sock_opt.option = PR_SockOpt_Nonblocking;
+ sock_opt.value.non_blocking = PR_TRUE;
+ if(PR_SetSocketOption(connssl->handle, &sock_opt) != PR_SUCCESS)
+ goto error;
+
connssl->state = ssl_connection_complete;
conn->recv[sockindex] = nss_recv;
conn->send[sockindex] = nss_send;
--
1.7.1

View File

@ -1,7 +1,7 @@
Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
Name: curl Name: curl
Version: 7.29.0 Version: 7.29.0
Release: 2%{?dist} Release: 3%{?dist}
License: MIT License: MIT
Group: Applications/Internet Group: Applications/Internet
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
@ -11,6 +11,9 @@ Source3: hide_selinux.c
# fix a SIGSEGV when closing an unused multi handle (#914411) # fix a SIGSEGV when closing an unused multi handle (#914411)
Patch1: 0001-curl-7.29.0-da3fc1ee.patch Patch1: 0001-curl-7.29.0-da3fc1ee.patch
# switch SSL socket into non-blocking mode after handshake
Patch2: 0002-curl-7.29.0-9d0af3018.patch
# patch making libcurl multilib ready # patch making libcurl multilib ready
Patch101: 0101-curl-7.29.0-multilib.patch Patch101: 0101-curl-7.29.0-multilib.patch
@ -105,6 +108,7 @@ documentation of the library, too.
# upstream patches # upstream patches
%patch1 -p1 %patch1 -p1
%patch2 -p1
# Fedora patches # Fedora patches
%patch101 -p1 %patch101 -p1
@ -228,6 +232,9 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/aclocal/libcurl.m4 %{_datadir}/aclocal/libcurl.m4
%changelog %changelog
* Wed Mar 06 2013 Kamil Dudka <kdudka@redhat.com> 7.29.0-3
- switch SSL socket into non-blocking mode after handshake
* Fri Feb 22 2013 Kamil Dudka <kdudka@redhat.com> 7.29.0-2 * Fri Feb 22 2013 Kamil Dudka <kdudka@redhat.com> 7.29.0-2
- fix a SIGSEGV when closing an unused multi handle (#914411) - fix a SIGSEGV when closing an unused multi handle (#914411)