cURL / Mailing Lists / curl-library / Single Mail


Upgrade TLS

From: Steve Holme <>
Date: Sun, 20 Jan 2013 10:49:20 +0000

Hi all,

You may have noticed that I recently added the ability to asynchronously
upgrade plain POP3 connections to POP3 over TLS. The code for this was based
on that of the SMTP and IMAP protocols.

Anyway, whilst reviewing this and some of the Daniel's always-multi changes
I began to wonder why the xxxx_state_upgrade_tls() functions in smtp.c,
imap.c and now pop3.c ignore the return code of

For example:

static CURLcode smtp_state_upgrade_tls(struct connectdata *conn)
  struct smtp_conn *smtpc = &conn->proto.smtpc;
  CURLcode result;

  result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &smtpc->ssldone);

  if(smtpc->ssldone) {
    result = smtp_state_ehlo(conn);

  return result;

As you can see, only the ssldone variable is checked. However, there are
instances when the Curl_ssl_connect_nonblocking() function can return an
error but ssldone is set to true. This can only happen when a blocking API
is being used and curlssl_connect() ends up being called instead of

As such:

. Does anyone know why the xxxx_state_upgrade_tls() functions are ignoring
the return value?
* Should the connection's close flag be set like in http.c -
https_connecting() as well? Note: The use in openldap.c - ldap_connect() and
ldap_connecting() doesn't
* When is the blocking API used?
* Should Curl_ssl_connect_nonblocking() be setting the done variable to
TRUE only if curlssl_connect() is successful?

I'm not too sure how much of an issue this is but for what it's worth I
think item 1 should be fixed.

I have a pending fix for this but would appreciate other's input as well.

Many thanks

List admin:
Received on 2013-01-20