ossl_connect_common: detect connection re-use

ossl_connect_common() now checks whether or not 'struct
connectdata->state' is equal 'ssl_connection_complete' and if so, will
return CURLE_OK with 'done' set to 'TRUE'. This check prevents
ossl_connect_common() from creating a new ssl connection on an existing
ssl session which causes openssl to fail when it tries to parse an
encrypted TLS packet since the cipher data was effectively thrown away
when the new ssl connection was created.

Bug: http://curl.haxx.se/mail/lib-2010-11/0169.html

diff --git a/lib/ssluse.c b/lib/ssluse.c
index d0eaadede28930cf46c40d086aae03291d42a5a0..d8f7760181edf151058e9d48524f86c14d58aeae 100644 (file)
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -2371,6 +2371,12 @@ ossl_connect_common(struct connectdata *conn,
   long timeout_ms;
   int what;
 
+  /* check if the connection has already been established */
+  if(ssl_connection_complete == connssl->state) {
+    *done = TRUE;
+    return CURLE_OK;
+  }
+
   if(ssl_connect_1==connssl->connecting_state) {
     /* Find out how much more time we're allowed */
     timeout_ms = Curl_timeleft(conn, NULL, TRUE);