Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
App fails when rebuilt with newer library, but only when MTU is small
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Mark Fanara via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 29 Sep 2022 13:58:23 +0000
I have an application that pushes data to an endpoint. It first gets a token using a username/password login and then posts a form with file attached. This application has worked for many years.
The application runs on a device running a slight variant of Debian Linux. Recently the device vendor updated the OS image to Debian Buster. After rebuilding the application, it is no longer able to push the data to the endpoint. The path between the device and the endpoint includes a low bandwidth wireless connection with a MTU at one point of 564.
If I increase the MTU (bypass the wireless link), the push is completed. (If I run the old compilation of the program on the old OS with old libcurl etc., it works regardless)
NOTE - the program does not use DTLS
A number of things I have tried so far ---
- I have built the program using both libcurl with openssl and libcurl with gnutls - same results.
- I have added setopt calls in the new build to force the program to use the same encryption, TLS level (1.2) and HTTP version (1.1) that the previous version of the program negotiated with the endpoint - does not correct the problem.
- I have tried adding option to the gtls source file to include TLS maximum fragment size extension in the client hello, but the server side does not support it.
- I have tried adding a SSLCTX callback function and then setting max fragment size using the SSL_CTX_set_max_send_fragment() macro but that does not build because the openssl lib does not include the underlying SSL_CTX_ctrl() function. (Not sure if this call adds the extension to client hello or just constrains how much data will go in a record).
'Previous' Library Info
- Debian Jessie libcurl is at 7.38.0 with some patches provided by Debian maintainers.
'Current' Library Info
- Debian Buster libcurl is at 7.64.0 with some patches provided by Debian maintainers.
- Upgrading to newest libcurl is not feasible because of reported library dependencies. i.e. newer version is dependent upon newer version of libc which I am unable to update.
Questions ---
Are there any known changes to libcurl (or other dependent libraries) that would be MTU sensitive?
Any suggestions on where to go from here?
Mark
Caterpillar: Confidential Green
Date: Thu, 29 Sep 2022 13:58:23 +0000
I have an application that pushes data to an endpoint. It first gets a token using a username/password login and then posts a form with file attached. This application has worked for many years.
The application runs on a device running a slight variant of Debian Linux. Recently the device vendor updated the OS image to Debian Buster. After rebuilding the application, it is no longer able to push the data to the endpoint. The path between the device and the endpoint includes a low bandwidth wireless connection with a MTU at one point of 564.
If I increase the MTU (bypass the wireless link), the push is completed. (If I run the old compilation of the program on the old OS with old libcurl etc., it works regardless)
NOTE - the program does not use DTLS
A number of things I have tried so far ---
- I have built the program using both libcurl with openssl and libcurl with gnutls - same results.
- I have added setopt calls in the new build to force the program to use the same encryption, TLS level (1.2) and HTTP version (1.1) that the previous version of the program negotiated with the endpoint - does not correct the problem.
- I have tried adding option to the gtls source file to include TLS maximum fragment size extension in the client hello, but the server side does not support it.
- I have tried adding a SSLCTX callback function and then setting max fragment size using the SSL_CTX_set_max_send_fragment() macro but that does not build because the openssl lib does not include the underlying SSL_CTX_ctrl() function. (Not sure if this call adds the extension to client hello or just constrains how much data will go in a record).
'Previous' Library Info
- Debian Jessie libcurl is at 7.38.0 with some patches provided by Debian maintainers.
'Current' Library Info
- Debian Buster libcurl is at 7.64.0 with some patches provided by Debian maintainers.
- Upgrading to newest libcurl is not feasible because of reported library dependencies. i.e. newer version is dependent upon newer version of libc which I am unable to update.
Questions ---
Are there any known changes to libcurl (or other dependent libraries) that would be MTU sensitive?
Any suggestions on where to go from here?
Mark
Caterpillar: Confidential Green
-- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2022-09-29