curl-library
RE: POP3 not using same connection for multiple requests when using starttls
Date: Thu, 17 Nov 2011 00:03:28 +0100 (CET)
On Sun, 13 Nov 2011, Steve Holme wrote:
>> If USE_SSL is NONE then pop3:// connections can only re-use other
>> connections that didn't use SSL.
>>
>> If USE_SSL != NONE, then the pop3:// connection should only re-use
>> other connections that use SSL.
>
> Sorry if I'm being a bit slow here but I'm sure you'll appreciate it is
> quite difficult to grasp what others are saying via email sometimes.
Oh, I'm sorry if I gave an impression of being impatient. I'm just a bit short
on time at times, and sometimes I'm just trying to be accurate and
to-the-point. I very much appreciate all your time and effort you spend on
this, and I want you (and others) to get a better understanding of the
internals!
Short version: your descriptions match exactly what I envision. I'll elaborate
a bit more below though:
> Scenario 1 - No SSL
>
> CURL* curl = curl_easy_init(); //
> Initialise curl
> curl_easy_perform("pop3://mail.domain.com"); // This will connect
> via a normal connection as #0
> curl_easy_perform("pop3://mail.domain.com/1"); // This should reuse
> connection #0
> curl_easy_perform("pop3://mail.domain.com/2"); // So should this
Yes, case 1 looks like the simple and straight-forward case - which should
already work fine.
> Scenario 2 - SSL
>
> CURL* curl = curl_easy_init(); //
> Initialise curl
> curl_easy_setopt(curl, CURLOPT_USE_SSL, CURLUSESSL_TRY); // Use SSL
> if available
Note that this says "TRY". That's a bit devious, as it means the user is
actually fine with either way, it just wants to try SSL and go with it if it
works. That option can however get set to CURLFTPSSL_CONTROL or CURLFTPSSL_ALL
which mean: MUST use SSL.
> curl_easy_perform("pop3://mail.domain.com"); // This will create
> connection #0 and upgrade via TLS if server supports it
> curl_easy_perform("pop3://mail.domain.com/1"); // This should reuse
> connection #0
> curl_easy_perform("pop3://mail.domain.com/2"); // and this
Correct. As they all have the same level of SSL on the request and SSL on the
existing connection.
> Scenario 3 - No SSL and then SSL
>
> CURL* curl = curl_easy_init();
> curl_easy_perform("pop3://mail.domain.com"); // This will connect
> via a normal connection as #0
> curl_easy_setopt(curl, CURLOPT_USE_SSL, CURLUSESSL_TRY); // Use SSL
> if available
Here's the same caveat for the USE_SSL option.
> curl_easy_perform("pop3://mail.domain.com/1"); // This will create
> connection #1 and upgrade via TLS if server supports it
> curl_easy_perform("pop3://mail.domain.com/2"); // This will reuse
> connection #1
Correct as well. As the first connection (#0) only speaks plain sockets, the
subsequent request that insists on SSL must create a new connection and then
the 3rd request can re-use the second (#1) connection since the SSL levels
match.
-- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.htmlReceived on 2011-11-17