diff options
author | Jay Satiro <raysatiro@yahoo.com> | 2020-07-30 12:25:05 -0400 |
---|---|---|
committer | Jay Satiro <raysatiro@yahoo.com> | 2020-07-30 12:25:05 -0400 |
commit | 40909c405b090812b28b9a6c09a9cf8360a5631a (patch) | |
tree | 6b3c0a75bec0fc6b0c584cb48ac9998f5ec70eb7 | |
parent | a12a16151aa33dfd5e7627d4bfc2dc1673a7bf8e (diff) | |
download | curl-40909c405b090812b28b9a6c09a9cf8360a5631a.tar.gz |
TODO: Schannel: 'Add option to allow abrupt server closure'
We should offer an option to allow abrupt server closures (server closes
SSL transfer without sending a known termination point such as length of
transfer or close_notify alert). Abrupt server closures are usually
because of misconfigured or very old servers.
Closes https://github.com/curl/curl/issues/4427
-rw-r--r-- | docs/TODO | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -123,6 +123,7 @@ 15.1 Extend support for client certificate authentication 15.2 Extend support for the --ciphers option 15.3 Add option to disable client certificate auto-send + 15.4 Add option to allow abrupt server closure 16. SASL 16.1 Other authentication mechanisms @@ -842,6 +843,15 @@ that doesn't exist on the server, just like --ftp-create-dirs. https://github.com/curl/curl/issues/2262 +15.4 Add option to allow abrupt server closure + + libcurl w/schannel will error without a known termination point from the + server (such as length of transfer, or SSL "close notify" alert) to prevent + against a truncation attack. Really old servers may neglect to send any + termination point. An option could be added to ignore such abrupt closures. + + https://github.com/curl/curl/issues/4427 + 16. SASL 16.1 Other authentication mechanisms |