Hello everyone,

thanks for taking a look into this issue. Daniel's patch looks good and fixes the issue reported within this bug.

@Jay: During the development of the SChannel backend I stumpled upon this undocumented behaviour, because if I didn't read the buffers before closing or renegotiating the connection it would be missing from the output. At least for renegotiation this behaviour is indirectly documented here: http://msdn.microsoft.com/en-us/library/windows/desktop/aa379368.aspx

"The DecryptMessage (General) function traps requests for renegotiation coming from the message sender. It notifies your application *by decrypting the message data* and returning the SEC_I_RENEGOTIATE value."
(the important part being marked with *)

I noticed that this also applies to connection shutdown and implemented it this way. At least I did not notice any trouble with this implementation until today. Did you?

Best regards,
Marc

---
** [bugs:#1462] SSL connection returns garbage data**
**Status:** open-confirmed
**Labels:** SSL winssl 
**Created:** Fri Dec 05, 2014 09:45 PM UTC by Tae Hyoung Ahn
**Last Updated:** Thu Dec 11, 2014 07:11 AM UTC
**Owner:** Daniel Stenberg
When curl receives encrypted data from ssl connection, schannel_recv() tries to decrypt.
If s_pSecFn->DecryptMessage() returns a error such as SEC_I_CONTEXT_EXPIRED, schannel_recv() returns ret variable that has the encrypted packet length not decrypted packet size.
So the last line of schannel_recv() should be changed to return size variable.
 
---
Sent from sourceforge.net because curl-tracker@cool.haxx.se is subscribed to https://sourceforge.net/p/curl/bugs/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/curl/admin/bugs/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.