Closed
Description
I did this
-
Standard TLS-encypted connection to Apache FTP server.
-
Multiple FTP accesses using ::curl_easy_reset() on the same curl easy handle
=> TLS-enabled FTP control connection is not reused, see Wireshark log:
Analysis so far:
Problem is caused by:
if((!(needle->handler->flags&PROTOPT_SSL) !=
!Curl_conn_is_ssl(conn, FIRSTSOCKET)) &&
!(get_protocol_family(conn->handler) == needle->handler->protocol &&
conn->bits.tls_upgraded))
/* Deny `conn` if it is not fit for `needle`'s SSL needs,
* UNLESS `conn` is the same protocol family and was upgraded to SSL. */
return FALSE;
https://github.com/icing/curl/blob/3be33a1a4777438e2ef9cca488322f789bdd40fd/lib/url.c#L955
In libcurl 8.11.1 this line was
if ((needle->handler->flags&PROTOPT_SSL) !=
(conn->handler->flags&PROTOPT_SSL))
/* do not do mixed SSL and non-SSL connections */
if (get_protocol_family(conn->handler) !=
needle->handler->protocol || !conn->bits.tls_upgraded)
/* except protocols that have been upgraded via TLS */
return FALSE;
In the 8.12.1 code
Curl_conn_is_ssl(conn, FIRSTSOCKET) returns "true",
while in 8.11.1
(conn->handler->flags&PROTOPT_SSL) evaluated to "false".
Reverting this code section back to 8.11.1 fixed FTP connection reuse in my tests.
I expected the following
FTP control connection should be reused instead of needlessly creating a new one each time
curl/libcurl version
8.12.1
operating system
Windows 10
Metadata
Metadata
Assignees
Type
Projects
Milestone
Relationships
Development
No branches or pull requests
Participants
Activity
Zenju commentedon Feb 18, 2025
Related: #16034
bagder commentedon Feb 19, 2025
Does it work correctly without the reset done?
Zenju commentedon Feb 19, 2025
I don't understand the question. How would you make multiple FTP accesses without using curl_easy_reset(), while reusing the same connection?
bagder commentedon Feb 19, 2025
Just use the same handle again?
Zenju commentedon Feb 19, 2025
The program crashes in ftp.c ftp_state_quote.
curl_easy_reset() is required for my use case as the FTP accesses vary a lot: file/folder creates, updates, deletes, folder traversal, lots of CURLOPT_CUSTOMREQUEST. On the other hand, not having connection reuse in libcurl is a showstopper bug.
bagder commentedon Feb 19, 2025
crashes ? That sounds like a separate bug then. Or you took away the list from under libcurl's feet.
Zenju commentedon Feb 19, 2025
I have no idea. Just commenting out "curl_easy_reset" quick and dirty. The libcurl access pattern in my software FreeFileSync is complex.
conn reuse, when SSL is optional
icing commentedon Feb 19, 2025
Thanks for the report. You pointed exactly at the location that was the problem.
I added checks in out test suite, reproducing the problem, and rewrote the logic in url.c again in #16392.
It would be great if you could verify that this solves your problem. Thanks.
Zenju commentedon Feb 19, 2025
Yes, this works! The TLS-enabled control connection is being reused as expected!
23 remaining items