{
struct oc_text_buf *buf;
int result, buflen;
+ int rq_retry;
- retry:
+ redirected:
vpninfo->redirect_type = REDIR_TYPE_NONE;
if (*form_buf) {
free(*form_buf);
*form_buf = NULL;
}
- if (openconnect_open_https(vpninfo)) {
- vpn_progress(vpninfo, PRG_ERR,
- _("Failed to open HTTPS connection to %s\n"),
- vpninfo->hostname);
- return -EINVAL;
- }
/*
* It would be nice to use cURL for this, but we really need to guarantee
if (buf_error(buf))
return buf_free(buf);
+ retry:
+ if (openconnect_https_connected(vpninfo)) {
+ /* The session is already connected. If we get a failure on
+ * *sending* the request, try it again immediately with a new
+ * connection. */
+ rq_retry = 1;
+ } else {
+ rq_retry = 0;
+ if (openconnect_open_https(vpninfo)) {
+ vpn_progress(vpninfo, PRG_ERR,
+ _("Failed to open HTTPS connection to %s\n"),
+ vpninfo->hostname);
+ return -EINVAL;
+ }
+ }
+
result = openconnect_SSL_write(vpninfo, buf->data, buf->pos);
+ if (rq_retry && result < 0) {
+ openconnect_close_https(vpninfo, 0);
+ goto retry;
+ }
buf_free(buf);
if (result < 0)
return result;
if (result == 0) {
if (!fetch_redirect)
return 0;
- goto retry;
+ goto redirected;
}
goto out;
}
int openconnect_random(void *bytes, int len);
int openconnect_local_cert_md5(struct openconnect_info *vpninfo,
char *buf);
+#if defined(OPENCONNECT_OPENSSL)
+#define openconnect_https_connected(_v) ((_v)->https_ssl)
+#elif defined (OPENCONNECT_GNUTLS)
+#define openconnect_https_connected(_v) ((_v)->https_sess)
+#endif
/* mainloop.c */
int vpn_add_pollfd(struct openconnect_info *vpninfo, int fd, short events);
projects / users / dwmw2 / openconnect.git / commitdiff