return cf && cf->connected;
}
+bool Curl_conn_is_ip_connected(struct Curl_easy *data, int sockindex)
+{
+ struct Curl_cfilter *cf;
+
+ cf = data->conn->cfilter[sockindex];
+ while(cf) {
+ if(cf->connected)
+ return TRUE;
+ if(cf->cft->flags & CF_TYPE_IP_CONNECT)
+ return FALSE;
+ cf = cf->next;
+ }
+ return FALSE;
+}
+
bool Curl_cfilter_data_pending(const struct Curl_easy *data,
struct connectdata *conn, int sockindex)
{
*/
void Curl_cfilter_detach(struct connectdata *conn, struct Curl_easy *data);
+#define CF_TYPE_IP_CONNECT (1 << 0)
+#define CF_TYPE_SSL (1 << 1)
+
/* A connection filter type, e.g. specific implementation. */
struct Curl_cftype {
const char *name; /* name of the filter type */
+ long flags; /* flags of filter type */
Curl_cf_destroy *destroy; /* destroy resources held */
Curl_cf_attach_data *attach_data; /* data is being handled here */
Curl_cf_detach_data *detach_data; /* data is no longer handled here */
bool blocking, bool *done);
bool Curl_cfilter_is_connected(struct Curl_easy *data,
struct connectdata *conn, int sockindex);
+/**
+ * Determine if we have reached the remote host on IP level, e.g.
+ * have a TCP connection. This turns TRUE before a possible SSL
+ * handshake has been started/done.
+ */
+bool Curl_conn_is_ip_connected(struct Curl_easy *data, int sockindex);
void Curl_cfilter_close(struct Curl_easy *data,
struct connectdata *conn, int index);
static const struct Curl_cftype cft_socket = {
"SOCKET",
+ CF_TYPE_IP_CONNECT,
socket_cf_destroy,
Curl_cf_def_attach_data,
Curl_cf_def_detach_data,
static const struct Curl_cftype cft_socket_accept = {
"SOCKET-ACCEPT",
+ CF_TYPE_IP_CONNECT,
socket_cf_destroy,
Curl_cf_def_attach_data,
Curl_cf_def_detach_data,
* complete */
struct FTP *ftp = NULL;
- /* if the second connection isn't done yet, wait for it */
+ /* if the second connection isn't done yet, wait for it to have
+ * connected to the remote host. When using proxy tunneling, this
+ * means the tunnel needs to have been establish. However, we
+ * can not expect the remote host to talk to us in any way yet.
+ * So, when using ftps: the SSL handshake will not start until we
+ * tell the remote server that we are there. */
if(conn->cfilter[SECONDARYSOCKET]) {
result = Curl_cfilter_connect(data, conn, SECONDARYSOCKET,
FALSE, &connected);
- if(result ||
- (!connected && conn->sock[SECONDARYSOCKET] == CURL_SOCKET_BAD)) {
+ if(result || !Curl_conn_is_ip_connected(data, SECONDARYSOCKET)) {
if(result && (ftpc->count1 == 0)) {
*completep = -1; /* go back to DOING please */
/* this is a EPSV connect failing, try PASV instead */
static const struct Curl_cftype cft_http_proxy = {
"HTTP-PROXY",
+ CF_TYPE_IP_CONNECT,
http_proxy_cf_destroy,
Curl_cf_def_attach_data,
http_proxy_cf_detach_data,
static const struct Curl_cftype cft_haproxy = {
"HAPROXY",
+ 0,
Curl_cf_def_destroy,
Curl_cf_def_attach_data,
Curl_cf_def_detach_data,
static const struct Curl_cftype cft_socks_proxy = {
"SOCKS-PROXYY",
+ CF_TYPE_IP_CONNECT,
socks_proxy_cf_destroy,
Curl_cf_def_attach_data,
socks_proxy_cf_detach_data,
static const struct Curl_cftype cft_ssl = {
"SSL",
+ CF_TYPE_SSL,
ssl_cf_destroy,
ssl_cf_def_attach_data,
ssl_cf_def_detach_data,
#ifndef CURL_DISABLE_PROXY
static const struct Curl_cftype cft_ssl_proxy = {
"SSL-PROXY",
+ CF_TYPE_SSL,
ssl_cf_destroy,
ssl_cf_def_attach_data,
ssl_cf_def_detach_data,
projects / thirdparty / curl.git / commitdiff
