When using the gnutls ssl layer, cleaning-up and reinitializing curl ends up with https requests failing with "ASN1 parser: Element was not found" errors.
The following code exposes the problem:
#include <curl/curl.h>
#include <curl/easy.h>
int main(void) {
CURL *easy = curl_easy_init();
curl_easy_setopt(easy, CURLOPT_VERBOSE, 1);
curl_easy_setopt(easy, CURLOPT_URL, "https://www.verisign.com/");
curl_easy_perform(easy);
curl_global_cleanup();
easy = curl_easy_init();
curl_easy_setopt(easy, CURLOPT_VERBOSE, 1);
curl_easy_setopt(easy, CURLOPT_URL, "https://www.verisign.com/");
curl_easy_perform(easy);
}
This works properly with openssl backend, and with the gnutls backend until version 7.16.3, according to CVS tags.
The bug was introduced in this commit:
http://cool.haxx.se/cvs.cgi/curl/lib/gtls.c.diff?r1=1.26&r2=1.27
Note how gtls_inited is not set back to FALSE in cleanup.
The following patch fixes the issue:
--- curl-7.18.0.orig/lib/gtls.c
+++ curl-7.18.0/lib/gtls.c
@@ -110,8 +110,10 @@
int Curl_gtls_cleanup(void)
{
- if(gtls_inited)
+ if(gtls_inited) {
gnutls_global_deinit();
+ gtls_inited = FALSE;
+ }
return 1;
}
Logged In: YES
user_id=1110
Originator: NO
I can only agree with the analysis, acknowledge the fix, commit it and thank you a lot for the fine report and fix.
Thanks! Fixed! Closed!