Rob Crittenden fixed bug #1705802

(http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
Black identifying several FTP-SSL test cases fail when we build libcurl with
NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS.

diff --git a/CHANGES b/CHANGES
index a4db52af073d393967f71ebe993cc6e2d3b33d70..dc717ec3e204316808c06c66198b72db82592c13 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,12 @@
                              \___|\___/|_| \_\_____|
 
                                   Changelog
+Daniel S (25 May 2007)
+- Rob Crittenden fixed bug #1705802
+  (http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
+  Black identifying several FTP-SSL test cases fail when we build libcurl with
+  NSS for TLS/SSL. Listed as #42 in KNOWN_BUGS.
+
 Daniel S (24 May 2007)
 - Song Ma filed bug report #1724016
   (http://curl.haxx.se/bug/view.cgi?id=1724016) noticing that downloading

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 4aba1bc69011442821ba009dfe2ef9d53b324e04..fcd2ba95dbe10359a12757947bc215dc794193e0 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -47,6 +47,7 @@ This release includes the following bugfixes:
  o improved curl -w for TFTP transfers
  o memory leak when failed OpenSSL certificate CN field checking
  o memory leak when OpenSSL failed PKCS #12 parsing
+ o FPL-SSL when built with NSS
 
 This release includes the following known bugs:
 
@@ -72,6 +73,6 @@ advice from friends like these:
  James Housley, Daniel Black, Steve Little, Sonia Subramanian, Peter O'Gorman,
  Frank Hempel, Michael Wallner, Jeff Pohlmeyer, Tobias Rundström,
  Anders Gustafsson, James Bursa, Kristian Gunstone, Feng Tu,
- Andre Guibert de Bruet
+ Andre Guibert de Bruet, Rob Crittenden
 
         Thanks! (and sorry if I forgot to mention someone)

diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
index 7a2357a63eed0ca9ad3d085efc76b22c2833f781..85885fcf9a38f68bed340dd52ce12e62f2a220d4 100644 (file)
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -3,10 +3,6 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!
 
-42. Daniel Black filed bug report #1705802 where he accurately mentions that
-  several FTP-SSL test cases fail when we build libcurl with NSS for TLS/SSL:
-  http://curl.haxx.se/bug/view.cgi?id=1705802
-
 41. When doing an operation over FTP that requires the ACCT command (but not
   when logging in), the operation will fail since libcurl doesn't detect this
   and thus fails to issue the correct command:

diff --git a/lib/nss.c b/lib/nss.c
index 652d9f1f72611a1fad55c7c67b45f660d7f7860c..ec78154005abd64481c60821f7216a59a79c79f1 100644 (file)
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -74,6 +74,8 @@ PRFileDesc *PR_ImportTCPSocket(PRInt32 osfd);
 static int initialized = 0;
 static int noverify = 0;
 
+#define HANDSHAKE_TIMEOUT 30
+
 typedef struct {
   PRInt32 retryCount;
   struct SessionHandle *data;
@@ -513,6 +515,12 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex)
 
   SSL_SetURL(connssl->handle, conn->host.name);
 
+  /* Force the handshake now */
+  if (SSL_ForceHandshakeWithTimeout(connssl->handle,
+                                    PR_SecondsToInterval(HANDSHAKE_TIMEOUT))
+      != SECSuccess)
+    goto error;
+
   return CURLE_OK;
 
 error: