curl-library

Re: SSL with curl

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Thu, 13 Jan 2011 00:38:03 +0100 (CET)

On Wed, 12 Jan 2011, amit paliwal wrote:

>> I don't know what "raw data" means here, but I assume you mean that the
>> server doesn't send any headers at all? If so, that's not syntactically
>> correct HTTP and I think libcurl is entitled to drop out or do whatever. I
>> _believe_ however that it will pretend as if there were only
>> non-interesting headers and it will deliver the "raw data" as response body
>> contents and assume a closed connection when done.
>
> Reply: yes you are right here, as HTTP1.1 follows persistent connection,
> what will happen if some data comes without HTTP header in it. closed
> connection should not happen unless we get "Connection:close" as part of
> HTTP , right?

HTTP 1.1 implies and uses persistent connections by default, yes.

But if your server responds to a request without any headers, that's certainly
NOT HTTP 1.1 and libcurl could not possibly do HTTP1.1-style persistent
connections anymore. It takes proper headers for that to work.

> Reply: yes I have seen the examples, and I have seen some of the code also,
> but I was now knowing how does curl handles non HTTP header data that comes
> on socket, and that is why i asked this. It might throw some error
> condition, and I am interested in knowing the error condition.

An HTTP response is split up in two parts: headers and body. An actual HTTP
response *always* has headers[*] and it may have a body.

In case there still are no headers, that's a violation against the protocol but
libcurl will struggle to deliver the body part. That body part will then
basically be treated as an HTTP 1.0 response body by libcurl.

>>> 1) I have SSL enabled on my socket, and expect Open SSL read and write
>>> function to be called for receiving and sending data on socket,
>>> irrespective of application layer protocol is HTTP or something else.
>
> Reply: I am sorry here, but I wanted to ask about HTTPS connection, in that
> case it should use SSL calls right? I am sorry again for the wrong question.

Yes, when libcurl speaks HTTPS it will use an SSL library to read the data off
the socket.

> although I know it is not HTTPS but if I receive non HTTP header data,
> and I want it to be TLS authenticated what shall I do ? I can think of some
> possibilities like:

If you don't want libcurl to do either HTTP or HTTPS and only do TLS then I
would probably say you should perhaps not use libcurl at all...

> 1) use curl_easy_recv() to receive the data, but here will it internally
> authenticate it with TLS? or it will just copy it in my buffer and I need to
> authenticate it.

No. The "authentication" for TLS is done in the handshake/negotiation phase
and that is done before any data is transferred at all. Once one side/both
sides have been verified to be good, data can be exchanged between the
parties.

curl_easy_recv() is only ever used after a TLS connection has been negotiated
(or it won't work at all).

[*] = in this context I call the response "Status-Line" a header

-- 
  / daniel.haxx.se
Received on 2011-01-13
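
Added example, not part of the original mail and not libcurl's own code: a C function that applies the framing rules discussed above to the first bytes read from a connection, deciding whether a response has a status line and whether the connection can be treated as persistent. The names `classify_response`, `header_value` and `struct verdict` are hypothetical, the sample input is constructed, and the rules are simplified as noted in the comments.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

enum framing { FRAME_UNTIL_CLOSE, FRAME_PERSISTENT };
struct verdict { int has_status_line; enum framing framing; size_t body_offset; };

/* Value of header `name` within hdrs[0..n), or NULL if absent (case-insensitive). */
static const char *header_value(const char *hdrs, size_t n, const char *name)
{
    size_t nl = strlen(name);
    const char *p = hdrs, *end = hdrs + n;
    while (p < end) {
        const char *eol = memchr(p, '\n', (size_t)(end - p));
        if (!eol) break;
        if ((size_t)(eol - p) > nl && !strncasecmp(p, name, nl) && p[nl] == ':') {
            for (p += nl + 1; p < eol && (*p == ' ' || *p == '\t'); p++) ;
            return p;
        }
        p = eol + 1;
    }
    return NULL;
}

/* Simplified: ignores HTTP/1.0 keep-alive and bodiless statuses (1xx, 204, 304). */
struct verdict classify_response(const char *buf, size_t len)
{
    struct verdict v = { 0, FRAME_UNTIL_CLOSE, 0 };
    const char *conn;
    size_t i, hlen = 0;
    /* No status line: not HTTP/1.1, every byte is body, ends when the peer closes. */
    if (len < 5 || memcmp(buf, "HTTP/", 5) != 0) return v;
    v.has_status_line = 1;
    for (i = 0; i + 4 <= len && !hlen; i++)   /* locate end of header block */
        if (!memcmp(buf + i, "\r\n\r\n", 4)) hlen = i + 2;
    if (!hlen) return v;                       /* headers incomplete: need more data */
    v.body_offset = hlen + 2;
    conn = header_value(buf, hlen, "Connection");
    /* Reuse needs HTTP/1.1, no "Connection: close", and a self-delimiting body. */
    if (!memcmp(buf, "HTTP/1.1", 8) && !(conn && !strncasecmp(conn, "close", 5)) &&
        (header_value(buf, hlen, "Content-Length") ||
         header_value(buf, hlen, "Transfer-Encoding")))
        v.framing = FRAME_PERSISTENT;
    return v;
}

int main(void)
{
    const char *raw = "raw data, no headers";  /* constructed sample */
    printf("framing=%d\n", classify_response(raw, strlen(raw)).framing);
    return 0;
}
```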