cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: POP3 not using same connection for multiple requests when using starttls

From: Steve Holme <steve_holme_at_hotmail.com>
Date: Thu, 3 Nov 2011 10:56:12 +0000

Hi Daniel,

> > if((needle->handler->flags&PROTOPT_SSL) !=
> > (check->handler->flags&PROTOPT_SSL))
> > /* don't do mixed SSL and non-SSL connections */
> > continue;
>
> Yes, this is indeed the culprit of this problem you see. The problem
> for libcurl here is that the "raw" pop3 protocol has no SSL, but it will
> be updated at run-time with STARTTLS to feature it (and when libcurl
> switches to the TLS version, it changes the handler pointer to point to
> the pop3s struct which _has_ the SSL bit set).
>
> Therefore, the handler->flags's PROTOPT_SSL bit is not enough to use
> for this check!

Upon further investigation I also believe that SMTP and IMAP suffer the same
fate as well.

I have tried commenting out the contents of pop3_to_pop3s() which only gets
called during the upgrade process (and thus not changing the handler). This
appears to work, although I am not too sure if this will cause any other
problems.

> > Because I am not too familiar with this area of code I was wondering
> > if there is any way of performing an additional check on new
> > connection to see if it is about to enter SSL mode and if so don't
> > move on to the next item in the loop but instead continue checking the
> > rest of the criteria needed to return the correct reuse value?
>
> Yes, we should be able to extend that check so that requests that are
>"plain text but STARTTLS-requested" would match and be able to
> re-use the connections that are already STARTTLS'ed.

I was wondering whether we could introduce another handler. For example:
Curl_handler_pop3tls (and subsequently: Curl_handler_smtptls and
Curl_handler_imaptls) which then has flags to say that the connection has
been upgraded but then the scheme would be the same and could be used during
the reuse test. The only problem I foresee with this is: I don't know if or
how curl uses the handlers to calculate the default port information and
whether having two "pop3" (and "smtp", "imap") handlers would cause
additional problems.

Kind Regards

Steve

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-11-03