cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: connection reuse with proxies and ssl

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Thu, 14 Feb 2008 22:26:48 +0100 (CET)

On Wed, 30 Jan 2008, Daniel Stenberg wrote:

> As Gautam Kachroo points out, the reusing of the connection is already
> broken in some senses, as the new URL is set and the first transfer is
> aborted in a way so that the second use of it (the re-use) accidentally
> skips stuff that it shouldn't. This flaw was introduced when the SSL
> connection was converted to this non-blocking method.
>
> I've had a look at how easy it would be to fix this bug, but it's a bit of a
> pain and since this entire "set a new URL in the SSL callback"-thing is a
> very rare use-case I'm now leaning towards simply not supporting this any
> more.
>
> To recap: It's broken, I don't feel like fixing it and applying Gautam
> Kachroo's patch breaks the functionality even more so that test 509 no
> longer runs fine.

Let me just bring this back to surface and say that this is not forgotten and
I hope we can get this sorted for 7.18.1. (I added 5 topics to the
TODO-RELEASE file today that I want dealt with before next release.)

The patch is fine since it corrects at least one bug. It does however cause
test case 509 to fail.

The test case 509 approach should be considered unsupported and we should
remove the test case, and the code that attempts to support it. This code has
been broken since about 7.15.4 (March 2006) since the introduction of
non-blocking OpenSSL "connects".

The patch that introduced this feature (for 7.11.0), which probably can be
used as base when reverting it again is available here:

http://cool.haxx.se/cvs.cgi/curl/lib/multi.c.diff?r1=1.41&r2=1.42

Gautam Kachroo, are you willing to extend your work on this by doing the "509
fix" as well?

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Received on 2008-02-14