nss: do not abort on connection failure

author Kamil Dudka <kdudka@redhat.com>

Wed, 2 Jul 2014 15:37:43 +0000 (17:37 +0200)

committer Kamil Dudka <kdudka@redhat.com>

Wed, 2 Jul 2014 15:59:03 +0000 (17:59 +0200)
author Kamil Dudka <kdudka@redhat.com>
Wed, 2 Jul 2014 15:37:43 +0000 (17:37 +0200)
committer Kamil Dudka <kdudka@redhat.com>
Wed, 2 Jul 2014 15:59:03 +0000 (17:59 +0200)
diff --git a/RELEASE-NOTES b/RELEASE-NOTES

index 782c9cf..cb481a2 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -34,6 +34,7 @@ This release includes the following bugfixes:
   o winbuild: Don't USE_WINSSL when WITH_SSL is being used
   o getinfo: HTTP CONNECT code not reset between transfers [8]
   o Curl_rand: Use a fake entropy for debug builds when CURL_ENTROPY set
+ o nss: do not abort on connection failure (failing tests 305 and 404)
   o 
  
  This release includes the following known bugs:
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c

index c1eec41..1e41795 100644 (file)
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -1396,7 +1396,8 @@ static CURLcode nss_fail_connect(struct ssl_connect_data *connssl,
    Curl_llist_destroy(connssl->obj_list, NULL);
    connssl->obj_list = NULL;
  
-  if((SSL_VersionRangeGet(connssl->handle, &sslver) == SECSuccess)
+  if(connssl->handle
+      && (SSL_VersionRangeGet(connssl->handle, &sslver) == SECSuccess)
        && (sslver.min == SSL_LIBRARY_VERSION_3_0)
        && (sslver.max == SSL_LIBRARY_VERSION_TLS_1_0)
        && isTLSIntoleranceError(err)) {
author	Kamil Dudka <kdudka@redhat.com>
	Wed, 2 Jul 2014 15:37:43 +0000 (17:37 +0200)
committer	Kamil Dudka <kdudka@redhat.com>
	Wed, 2 Jul 2014 15:59:03 +0000 (17:59 +0200)
RELEASE-NOTES		patch \| blob \| history
lib/vtls/nss.c		patch \| blob \| history