From: mike Date: Mon, 11 Mar 2013 12:58:38 +0000 (+0000) Subject: Avoid infinite recursion on HTTP upgrade. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5dcac479e032f85716aa5f3b3f48ac5df488ccc3;p=thirdparty%2Fcups.git Avoid infinite recursion on HTTP upgrade. git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@10893 7a7537e8-13f0-0310-91df-b6672ffda945 --- diff --git a/cups/http-private.h b/cups/http-private.h index d326a0a80e..d0ea961a01 100644 --- a/cups/http-private.h +++ b/cups/http-private.h @@ -316,6 +316,7 @@ struct _http_s /**** HTTP connection structure ****/ # endif /* HAVE_GSSAPI */ /**** New in CUPS 1.7 ****/ + int tls_upgrade; /* Non-zero if we are doing an upgrade */ _http_mode_t mode; /* _HTTP_MODE_CLIENT or _HTTP_MODE_SERVER */ char *accept_encoding, /* Accept-Encoding field */ diff --git a/cups/http.c b/cups/http.c index 109ff098b9..9e64f48311 100644 --- a/cups/http.c +++ b/cups/http.c @@ -2777,7 +2777,7 @@ httpReconnect2(http_t *http, /* I - Connection to server */ return (-1); } } - else if (http->encryption == HTTP_ENCRYPTION_REQUIRED) + else if (http->encryption == HTTP_ENCRYPTION_REQUIRED && !http->tls_upgrade) return (http_upgrade(http)); #endif /* HAVE_SSL */ @@ -4900,8 +4900,13 @@ http_send(http_t *http, /* I - Connection to server */ if (http->fd < 0 || http->status == HTTP_STATUS_ERROR || http->status >= HTTP_STATUS_BAD_REQUEST) + { + DEBUG_printf(("5http_send: Reconnecting, fd=%d, status=%d, tls_upgrade=%d", + http->fd, http->status, http->tls_upgrade)); + if (httpReconnect2(http, 30000, NULL)) return (-1); + } /* * Flush any written data that is pending... @@ -5680,6 +5685,7 @@ http_upgrade(http_t *http) /* I - Connection to server */ * encryption on the link... */ + http->tls_upgrade = 1; http->field_authorization = NULL; /* Don't free the auth string */ httpClearFields(http); @@ -5706,6 +5712,7 @@ http_upgrade(http_t *http) /* I - Connection to server */ http->expect = myhttp.expect; http->field_authorization = myhttp.field_authorization; http->digest_tries = myhttp.digest_tries; + http->tls_upgrade = 0; /* * See if we actually went secure...