cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: Upgrade TLS

From: Steve Holme <steve_holme_at_hotmail.com>
Date: Thu, 24 Jan 2013 20:53:31 +0000

Hi all,

On Sun, 20 Jan 2013, Steve Holme wrote:

> Anyway, whilst reviewing this and some of the Daniel's
> always-multi changes I began to wonder why the
> xxxx_state_upgrade_tls() functions in smtp.c, imap.c and now
> pop3.c ignore the return code of Curl_ssl_connect_nonblocking().
>

I've not heard back from anyone so just wanted to post an update on the
problem:

It would seem that this problem only exists if one of our SSL
implementations, (and if I've understood the these correctly) such as axTls,
nss or QsoSSL, didn't provide a curlssl_connect_nonblocking() function but
instead only implemented a curlssl_connect() function. All the other
implementations seem to provide a non-blocking connect function and as such
probably explains why we haven't seen any issues.

> As such:
>
> * Does anyone know why the xxxx_state_upgrade_tls() functions are
> ignoring the return value?
> * Should the connection's close flag be set like in http.c -
> https_connecting() as well? Note: The use in openldap.c -
> ldap_connect() and ldap_connecting() doesn't
> * When is the blocking API used?
> * Should Curl_ssl_connect_nonblocking() be setting the done variable
> to TRUE only if curlssl_connect() is successful?
>
> I'm not too sure how much of an issue this is but for what it's worth I
think item 1 should be fixed.
>
> I have a pending fix for this but would appreciate other's input as well.

With the release of v7.29 around the corner and a bunch of features I would
like to add to the next release, I have cleared my patches for item 1 off my
to do list and pushed them (one for imap, pop3 and smtp). As usual any
feedback would be welcome.

Technically, I still think that curlssl_connect_nonblocking() could be fixed
up so that the done variable isn't set to TRUE when curlssl_connect()
returns a failure. However, and as I don't know that code too well, I didn't
want to go meddling in there ;-)

Kind Regards

Steve
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-01-24

This message: [ Message body ]
Next message: Bruno de Carvalho: "Re: HTTPS upload bug using Darwin SSL"
Previous message: Nick Zitzmann: "Re: HTTPS upload bug using Darwin SSL"
Maybe in reply to: Steve Holme: "Upgrade TLS"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]