I will know soon.

David R. Sullivan
 
 
To: 1180_at_bugs.curl.p.re.sf.net
From: bagder_at_users.sf.net
Subject: [curl:bugs] #1180 libcurl can trigger a SIGPIPE
Date: Mon, 3 Jun 2013 21:17:18 +0000

David: so does the patch fix the problem you experienced?

 [bugs:#1180] libcurl can trigger a SIGPIPE

Status: open-confirmed

Created: Tue Jan 08, 2013 09:57 PM UTC by Daniel Stenberg

Last Updated: Mon Jun 03, 2013 09:15 PM UTC

Owner: Daniel Stenberg

Using 7.28.1 and current git (jan 8, 2013) libcurl can cause a SIGPIPE to trigger. One situation was possible to trigger with this command line using a libcurl built to use OpenSSL:

$ curl --limit-rate 250k -L http://github.com/raspberrypi/firmware/archive/4ade27942e.tar.gz > /dev/null

This command redirects to a HTTPS site and then to a second site that it downloads from. When after the (5+ minutes) download the initial HTTPS connection is to be shut down, the OpenSSL calls used will attempt an SSL shutdown but the server has already closed the connection and this triggers a SIGPIPE.

OpenSSL (and quite probably a few of the other SSL backends) does not allow us to easily switch off SIGPIPE generation on systems without SO_NOSIGPIPE.

The only suitable way to do it that will work is to

On the library entry call: check if ignore of the signal is necessary, then ignore it.

When leaving the library again: check if libcurl set the ignore, then remove it again.

Inspirational code for this kind of functionality can be seen here: https://github.com/kroki/XProbes/blob/1447f3d93b6dbf273919af15e59f35cca58fcc23/src/libxprobes.c#L156 - note that the XProbes code is LGPL licensed.

Originally reported here: http://curl.haxx.se/mail/archive-2013-01/0003.html by Lluís Batlle i Rossell

Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/curl/bugs/1180/

To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/
                                               

---
** [bugs:#1180] libcurl can trigger a SIGPIPE**
**Status:** open-confirmed
**Created:** Tue Jan 08, 2013 09:57 PM UTC by Daniel Stenberg
**Last Updated:** Mon Jun 03, 2013 09:17 PM UTC
**Owner:** Daniel Stenberg
Using 7.28.1 and current git (jan 8, 2013) libcurl can cause a SIGPIPE to trigger. One situation was possible to trigger with this command line using a libcurl built to use OpenSSL:

$ curl --limit-rate 250k -L http://github.com/raspberrypi/firmware/archive/4ade27942e.tar.gz > /dev/null

This command redirects to a HTTPS site and then to a second site that it downloads from. When after the (5+ minutes) download the initial HTTPS connection is to be shut down, the OpenSSL calls used will attempt an SSL shutdown but the server has already closed the connection and this triggers a SIGPIPE.

OpenSSL (and quite probably a few of the other SSL backends) does not allow us to easily switch off SIGPIPE generation on systems without SO_NOSIGPIPE.

The only suitable way to do it that will work is to

On the library entry call: check if ignore of the signal is necessary, then ignore it.

When leaving the library again: check if libcurl set the ignore, then remove it again.

*Inspirational* code for this kind of functionality can be seen here: https://github.com/kroki/XProbes/blob/1447f3d93b6dbf273919af15e59f35cca58fcc23/src/libxprobes.c#L156 - note that the XProbes code is LGPL licensed.

Originally reported here: http://curl.haxx.se/mail/archive-2013-01/0003.html by Lluís Batlle i Rossell
---
Sent from sourceforge.net because you indicated interest in <https://sourceforge.net/p/curl/bugs/1180/>
To unsubscribe from further messages, please visit <https://sourceforge.net/auth/subscriptions/>