summaryrefslogtreecommitdiff
path: root/CHANGES
diff options
context:
space:
mode:
authorConstantine Sapuntzakis <csapuntz@gmail.com>2010-06-05 23:41:58 +0200
committerDaniel Stenberg <daniel@haxx.se>2010-06-05 23:41:58 +0200
commita0dd9df9ab35528eb9eb669e741a5df4b1fb833c (patch)
treecca73863d2c3c0115bc6911db7634bfbd0bd93c0 /CHANGES
parent4724b9d966e0785a875018a33861076501a83929 (diff)
downloadcurl-a0dd9df9ab35528eb9eb669e741a5df4b1fb833c.tar.gz
OpenSSL: fix spurious SSL connection aborts
Was seeing spurious SSL connection aborts using libcurl and OpenSSL. I tracked it down to uncleared error state on the OpenSSL error stack - patch attached deals with that. Rough idea of problem: Code that uses libcurl calls some library that uses OpenSSL but don't clear the OpenSSL error stack after an error. ssluse.c calls SSL_read which eventually gets an EWOULDBLOCK from the OS. Returns -1 to indicate an error ssluse.c calls SSL_get_error. First thing, SSL_get_error calls ERR_get_error to check the OpenSSL error stack, finds an old error and returns SSL_ERROR_SSL instead of SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. ssluse.c returns an error and aborts the connection Solution: Clear the openssl error stack before calling SSL_* operation if we're going to call SSL_get_error afterwards. Notes: This is much more likely to happen with multi because it's easier to intersperse other calls to the OpenSSL library in the same thread.
Diffstat (limited to 'CHANGES')
-rw-r--r--CHANGES5
1 files changed, 5 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 4379303ad..6ea7c7c7b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,11 @@
Changelog
Daniel Stenberg (5 June 2010)
+- Constantine Sapuntzakis fixed a case of spurious SSL connection aborts using
+ libcurl and OpenSSL. "I tracked it down to uncleared error state on the
+ OpenSSL error stack - patch attached deals with that."
+
+Daniel Stenberg (5 June 2010)
- Frank Meier added CURLINFO_PRIMARY_PORT, CURLINFO_LOCAL_IP and
CURLINFO_LOCAL_PORT to curl_easy_getinfo().