cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: [SECURITY ADVISORY 1/4] libcurl wrong re-use of connections

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 13 May 2014 10:00:28 +0200 (CEST)

On Tue, 13 May 2014, Kamil Dudka wrote:

> Sorry for reopening this thread again. I just spotted that the
> PROTOPT_CREDSPERREQUEST flag is set for HTTPS, but not for HTTP. Is that
> intentionally?

Oh, ouch. No that's not intended. It'll just make HTTP re-use connections
really badly.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2014-05-13

This message: [ Message body ]
Next message: mtroispont_at_hush.com: "Re: Inconsistent text case using CURLINFO_EFFECTIVE_URL"
Previous message: Kamil Dudka: "Re: [SECURITY ADVISORY 1/4] libcurl wrong re-use of connections"
In reply to: Kamil Dudka: "Re: [SECURITY ADVISORY 1/4] libcurl wrong re-use of connections"
Next in thread: Steve Holme: "RE: [SECURITY ADVISORY 1/4] libcurl wrong re-use of connections"
Reply: Steve Holme: "RE: [SECURITY ADVISORY 1/4] libcurl wrong re-use of connections"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]