diff --git a/CHANGES b/CHANGES index 78717b3667..1ab15dc734 100644 --- a/CHANGES +++ b/CHANGES @@ -7,6 +7,11 @@ Changelog Daniel Stenberg (30 Oct 2009) +- Liza Alenchery mentioned a problem with re-used SCP connection when a bad + auth is used, as it caused a crash. I failed to repeat the issue, but still + made a change that now forces the TCP connection used for a freed SCP + session to get closed and not be re-used. + - "Tom" posted a bug report that mentioned how libcurl did wrong when doing a POST using a read callback, with Digest authentication and "Transfer-Encoding: chunked" enforced. I would then cause the first request diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 10ca00db8b..2e3817003d 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -43,6 +43,7 @@ This release includes the following bugfixes: o use pkg-config to find out libssh2 installation details in configure o unparsable cookie expire dates make cookies get treated as session coookies o POST with Digest authentication and "Transfer-Encoding: chunked" + o SCP connection re-use with wrong auth This release includes the following known bugs: @@ -55,6 +56,7 @@ advice from friends like these: Michal Marek, Eric Wong, Guenter Knauf, Peter Sylvester, Daniel Johnson, Claes Jakobsson, Sven Anders, Chris Mumford, John P. McCaskey, Constantine Sapuntzakis, Michael Stillwell, Tom Mueller, Dan Fandrich, - Kevin Baughman, John Dennis, Ray Dassen, Johan van Selst, Dima Barsky + Kevin Baughman, John Dennis, Ray Dassen, Johan van Selst, Dima Barsky, + Liza Alenchery Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/ssh.c b/lib/ssh.c index eaaa8e69a3..0d7f60ee4d 100644 --- a/lib/ssh.c +++ b/lib/ssh.c @@ -2221,6 +2221,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) } sshc->ssh_session = NULL; } + conn->bits.close = TRUE; sshc->nextstate = SSH_NO_STATE; state(conn, SSH_STOP); result = sshc->actualcode;