cURL / Mailing Lists / curl-library / Single Mail


Re: schannel_connect_step3 failures

From: Yang Tse <>
Date: Wed, 20 Jun 2012 20:23:59 +0200

Code sets several ISC_REQ_* bit flags in order to setup security
context, and later verifies if the flags of the security context
actually match those previously set.

The problem is that except for ISC_REQ_ALLOCATE_MEMORY, all other may
simply be ignored, changed while handshaking and even further changed
while renegotiating.

I believe the fix is to only warn if returned flags don't match
requested ones, except for the ISC_REQ_ALLOCATE_MEMORY one which
should fail hard if it doesn't match and make schannel_connect_step3

List admin:
Received on 2012-06-20