summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorLaurent Bonnans <laurent.bonnans@here.com>2018-08-17 17:39:01 +0200
committerDaniel Stenberg <daniel@haxx.se>2018-08-18 15:46:23 +0200
commit4939f3652473c1519d2b604068efb87ef7531874 (patch)
tree2b538ce93d1edf5070abd297b29bee5a848c327b /lib
parentc7ea4ddd2e5db304bc3170eeb8d5aa91f1921013 (diff)
downloadcurl-4939f3652473c1519d2b604068efb87ef7531874.tar.gz
vtls: reinstantiate engine on duplicated handles
Handles created with curl_easy_duphandle do not use the SSL engine set up in the original handle. This fixes the issue by storing the engine name in the internal url state and setting the engine from its name inside curl_easy_duphandle. Reported-by: Anton Gerasimov Signed-of-by: Laurent Bonnans Fixes #2829 Closes #2833
Diffstat (limited to 'lib')
-rw-r--r--lib/easy.c7
-rw-r--r--lib/setopt.c9
-rw-r--r--lib/urldata.h1
3 files changed, 15 insertions, 2 deletions
diff --git a/lib/easy.c b/lib/easy.c
index 5af90e326..027d0bef3 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -958,6 +958,13 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy *data)
outcurl->change.referer_alloc = TRUE;
}
+ /* Reinitialize an SSL engine for the new handle
+ * note: the engine name has already been copied by dupset */
+ if(outcurl->set.str[STRING_SSL_ENGINE]) {
+ if(Curl_ssl_set_engine(outcurl, outcurl->set.str[STRING_SSL_ENGINE]))
+ goto fail;
+ }
+
/* Clone the resolver handle, if present, for the new handle */
if(Curl_resolver_duphandle(&outcurl->state.resolver,
data->state.resolver))
diff --git a/lib/setopt.c b/lib/setopt.c
index 5ecf5b97f..5c5f4b381 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -1603,14 +1603,19 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option,
* String that holds the SSL crypto engine.
*/
argptr = va_arg(param, char *);
- if(argptr && argptr[0])
- result = Curl_ssl_set_engine(data, argptr);
+ if(argptr && argptr[0]) {
+ result = Curl_setstropt(&data->set.str[STRING_SSL_ENGINE], argptr);
+ if(!result) {
+ result = Curl_ssl_set_engine(data, argptr);
+ }
+ }
break;
case CURLOPT_SSLENGINE_DEFAULT:
/*
* flag to set engine as default.
*/
+ Curl_setstropt(&data->set.str[STRING_SSL_ENGINE], NULL);
result = Curl_ssl_set_engine_default(data);
break;
case CURLOPT_CRLF:
diff --git a/lib/urldata.h b/lib/urldata.h
index 2a0540fa9..6119136d4 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -1404,6 +1404,7 @@ enum dupstring {
STRING_SSL_CRLFILE_PROXY, /* crl file to check certificate */
STRING_SSL_ISSUERCERT_ORIG, /* issuer cert file to check certificate */
STRING_SSL_ISSUERCERT_PROXY, /* issuer cert file to check certificate */
+ STRING_SSL_ENGINE, /* name of ssl engine */
STRING_USERNAME, /* <username>, if used */
STRING_PASSWORD, /* <password>, if used */
STRING_OPTIONS, /* <options>, if used */