cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: A couple curl fixes/changes

From: Robert A. Seace <ras_at_magrathea.com>
Date: Thu, 8 Feb 2007 08:01:37 -0500 (EST)

In the profound words of Daniel Stenberg:
>
> On Wed, 7 Feb 2007, Robert A. Seace wrote:
>
> > In trying to get curl 7.16.1 working on QNX4, I ran into an issue with
> > the libssh2 support... Namely, it fails to seed the SSL PRNG for
> > "scp:"/"sftp:" URLs (as it properly does for "https:"/"ftps:")... On
> > systems where OpenSSL handles the seeding itself, that's no problem, but on
> > QNX it can't do so, because there's no "/dev/random" or other suitable
> > source of randomness... So, the manual seeding is necessary... All that's
> > required to fix the problem is adding a "Curl_ossl_seed(data);" call near
> > the start of Curl_ssh_connect()...
>
> Sorry, but this fix belongs to libssh2 and not in curl. Starting with the next
> libssh2 release, it won't even always use OpenSSL so we shouldn't make such
> assumptions in the curl code.

        Ok, I was actually wondering whether it made more sense to have
it in libssh2, as well... But, since libcurl already had the manual
seeding function in place, I figured it was simplest/easiest to just
add the call there... But, yeah, I can see you're right that it's not
the proper way to do things...

> > This is such a wacky thing, I'm not sure if you want to incorporate the
> > behavior into the standard curl distro, but it probably couldn't hurt...
>
> I agree that this ignoring shouldn't hurt any sensibly working server, but
> then again it isn't needed for any such either since getting a 200 at that
> point is a protocol error to libcurl.
>
> I think ignoring 200 at that point only risk libcurl to not detect protocol
> errors properly on servers that are supposed to be fine. Therefore I'm leaning
> towards not applying this particular fix.

        Yeah, I can definitely understand that... I just figured I'd
offer it out there, in case you were interested... It's of use to
us in having to deal with this one broken FTP server/proxy, but I'm
not sure how useful it'd be in widespread usage... (I did a couple
quick Google searches when initially figuring out what was going on,
and spotted a very few other references to similar behavior, all
involving a similar proxy setup on the FTP server end...) I haven't
seen any other FTP client handle it (though, the people running this
particular broken server claim they have Windoze FTP clients that
work fine in passive mode, which they think justifies their claims
that their server is behaving perfectly fine), so I don't think there
is any pressing need on your part to incorporate such a kluge... And,
it's definitely a kluge, for sure... But, merely a useful one when
dealing with a broken FTP server/proxy run by pigheaded people, who
we are forced to deal with for business reasons... ;-)

        Sorry for wasting time with pointless patches, but I figured
better to offer them and have them not needed than keep them to
myself if they might be useful to others...

-- 
||========================================================================||
||    Rob Seace    ||               URL              || ras_at_magrathea.com ||
||  AKA: Agrajag   || http://www.magrathea.com/~ras/ || rob@wordstock.com ||
||========================================================================||
"He reached out and pressed an invitingly large red button on a
 nearby panel. The panel lit up with the words 'Please do not press
 this button again.'" - The Hitchhiker's Guide to the Galaxy
Received on 2007-02-08