diff options
| author | Laurent Bonnans <laurent.bonnans@here.com> | 2018-08-17 17:39:01 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2018-08-18 15:46:23 +0200 |
| commit | 4939f3652473c1519d2b604068efb87ef7531874 (patch) | |
| tree | 2b538ce93d1edf5070abd297b29bee5a848c327b | |
| parent | c7ea4ddd2e5db304bc3170eeb8d5aa91f1921013 (diff) | |
| download | curl-4939f3652473c1519d2b604068efb87ef7531874.tar.gz | |
vtls: reinstantiate engine on duplicated handles
Handles created with curl_easy_duphandle do not use the SSL engine set
up in the original handle. This fixes the issue by storing the engine
name in the internal url state and setting the engine from its name
inside curl_easy_duphandle.
Reported-by: Anton Gerasimov
Signed-of-by: Laurent Bonnans
Fixes #2829
Closes #2833
| -rw-r--r-- | lib/easy.c | 7 | ||||
| -rw-r--r-- | lib/setopt.c | 9 | ||||
| -rw-r--r-- | lib/urldata.h | 1 |
3 files changed, 15 insertions, 2 deletions
diff --git a/lib/easy.c b/lib/easy.c index 5af90e326..027d0bef3 100644 --- a/lib/easy.c +++ b/lib/easy.c @@ -958,6 +958,13 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy *data) outcurl->change.referer_alloc = TRUE; } + /* Reinitialize an SSL engine for the new handle + * note: the engine name has already been copied by dupset */ + if(outcurl->set.str[STRING_SSL_ENGINE]) { + if(Curl_ssl_set_engine(outcurl, outcurl->set.str[STRING_SSL_ENGINE])) + goto fail; + } + /* Clone the resolver handle, if present, for the new handle */ if(Curl_resolver_duphandle(&outcurl->state.resolver, data->state.resolver)) diff --git a/lib/setopt.c b/lib/setopt.c index 5ecf5b97f..5c5f4b381 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -1603,14 +1603,19 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, * String that holds the SSL crypto engine. */ argptr = va_arg(param, char *); - if(argptr && argptr[0]) - result = Curl_ssl_set_engine(data, argptr); + if(argptr && argptr[0]) { + result = Curl_setstropt(&data->set.str[STRING_SSL_ENGINE], argptr); + if(!result) { + result = Curl_ssl_set_engine(data, argptr); + } + } break; case CURLOPT_SSLENGINE_DEFAULT: /* * flag to set engine as default. */ + Curl_setstropt(&data->set.str[STRING_SSL_ENGINE], NULL); result = Curl_ssl_set_engine_default(data); break; case CURLOPT_CRLF: diff --git a/lib/urldata.h b/lib/urldata.h index 2a0540fa9..6119136d4 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -1404,6 +1404,7 @@ enum dupstring { STRING_SSL_CRLFILE_PROXY, /* crl file to check certificate */ STRING_SSL_ISSUERCERT_ORIG, /* issuer cert file to check certificate */ STRING_SSL_ISSUERCERT_PROXY, /* issuer cert file to check certificate */ + STRING_SSL_ENGINE, /* name of ssl engine */ STRING_USERNAME, /* <username>, if used */ STRING_PASSWORD, /* <password>, if used */ STRING_OPTIONS, /* <options>, if used */ |