I expressed my self poorly in my first post regarding this issue.
There are of course not two sockets, the difference is if the subsequent
send to the server (after CCC and SSL shutdown) goes through
Curl_send_plain or ossl_send. Using the later causes a crash after CCC
has been handled. I've made a patch that fixes this, so now it works for me.

On 2011-04-14 17:51, Mehmet Bozkurt wrote:
> Hello!
>
> I've run into an issue with the CCC command. I've configured libcurl to
> issue it after the TLS/SSL handshake is done. However, this causes an
> 'Access violation' in the libcurl library. I've tried a similar scenario
> using curl.exe and the same crash occurs.
>
> I'm running libcurl 7.21.1. Has anyone else seen this?
>
> I've done some debugging and it seems that after Curl_ossl_shutdown
> (ssluse.c) is run, the following "PWD" command is sent over the SSL
> socket, which has been closed, instead of the 'plain' socket.
>
> In Curl_write (sendf.c) there is a selection of which method to use to
> write the "PWD" command:
>
> ...
> int num = (sockfd == conn->sock[SECONDARYSOCKET]);
> bytes_written = conn->send[num](conn, num, mem, len, &curlcode);
> ...
> Here num becomes 0 and the conn->send[num].... call ends up in
> SSL_write, with an invalid SSL handle, which in turn causes a crash.
>
> I downloaded curl.exe 7.21.4 and tried; crash here as well.
> My command line:
> >curl -k --ftp-ssl --ftp-ssl-ccc -T file.txt -u user:pass
> ftp://192.168.34.132:8990/updir/
>
> Verbose:
> * Connected to 192.168.34.132 (192.168.34.132) port 8990 (#0)
> < 220 Titan FTP Server 8.32.1242 Ready.
> > AUTH SSL
> < 234 Security data exchange complete.
> * SSLv3, TLS handshake, Client hello (1):
> } [data not shown]
> * SSLv3, TLS handshake, Server hello (2):
> { [data not shown]
> * SSLv3, TLS handshake, CERT (11):
> { [data not shown]
> * SSLv3, TLS handshake, Server finished (14):
> { [data not shown]
> * SSLv3, TLS handshake, Client key exchange (16):
> } [data not shown]
> * SSLv3, TLS change cipher, Client hello (1):
> } [data not shown]
> * SSLv3, TLS handshake, Finished (20):
> } [data not shown]
> * SSLv3, TLS change cipher, Client hello (1):
> { [data not shown]
> * SSLv3, TLS handshake, Finished (20):
> { [data not shown]
> * SSL connection using RC4-MD5
> * Server certificate:
> ......
> * SSL certificate verify result: self signed certificate (18),
> continuing anyway.
> > USER user
> 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0< 331 User name okay,
> need password.
> > PASS pass
> < 230-Welcome ftpclientcase001 from 192.168.34.130. You are now logged
> in to the server.
> < 230 User logged in, proceed.
> > PBSZ 0
> < 200 Command OK. PBSZ=0
> > PROT P
> < 200 Encrypting Data Channel.
> > CCC
> < 200 Command OK.
> * SSLv3, TLS alert, Client hello (1):
> { [data not shown]
>
>
>
> Best regards,
> Mehmet
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-library
> Etiquette: http://curl.haxx.se/mail/etiquette.html

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-04-15