Shmulik Regev found an (albeit rare) case where the proxy CONNECT operation

could in fact get stuck in an endless loop.

diff --git a/CHANGES b/CHANGES
index 370138e..f03c4c3 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,9 @@
                                   Changelog
 
 Daniel S (12 July 2007)
+- Shmulik Regev found an (albeit rare) case where the proxy CONNECT operation
+  could in fact get stuck in an endless loop.
+
 - Made CURLOPT_SSL_VERIFYHOST set to 1 acts as described in the documentation:
   fail to connect if there is no Common Name field found in the remote cert.
   We should deprecate the support for this set to 1 anyway soon, since the

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index ccaa890..ca1f30a 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -19,6 +19,7 @@ This release includes the following bugfixes:
  o problem with closed proxy connection during HTTP CONNECT auth negotiation
  o transfer-encoding skipping didn't ignore the 407 response bodies properly
  o CURLOPT_SSL_VERIFYHOST set to 1
+ o CONNECT endless loop
 
 This release includes the following known bugs:
 

diff --git a/lib/url.c b/lib/url.c
index 24cbaaf..a12d94d 100644 (file)
--- a/lib/url.c
+++ b/lib/url.c
@@ -4071,6 +4071,12 @@ static CURLcode SetupConnection(struct connectdata *conn,
   }
   *protocol_done = FALSE; /* default to not done */
 
+  /* set proxy_connect_closed to false unconditionally already here since it
+     is used strictly to provide extra information to a parent function in the
+     case of proxy CONNECT failures and we must make sure we don't have it
+     lingering set from a previous invoke */
+  conn->bits.proxy_connect_closed = FALSE;
+
   /*************************************************************
    * Set user-agent for HTTP
    *************************************************************/