Bugs item #1334338, was opened at 2005-10-21 09:43
Message generated for change (Comment added) made by nobody
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=1334338&group_id=976

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: libcurl
Group: wrong behaviour
Status: Closed
Resolution: Fixed
Priority: 5
Private: No
Submitted By: Dima Barsky (barsky)
Assigned to: Daniel Stenberg (bagder)
Summary: libcurl built with gnutls ignores a rehandshake request

Initial Comment:
I have a small python application which uses pycurl to
download my bank statements every week. I was using
pycurl 7.13 built with openssl until recently and the
application worked fine. A few days ago I upgraded the
pycurl and the libcurl packages to 7.15.0
(pycurl.version reports 'libcurl/7.15.0 GnuTLS/1.2.8
zlib/1.2.3 libidn/0.5.18') and now my application fails
with this message:

* GnuTLS recv error (-37): Rehandshake was requested by
the peer.
* Empty reply from server
* Connection #0 to host www2.auth.net.hsbc.com left intact
Traceback (most recent call last):
.......................................
pycurl.error: (52, 'Peer closed the TLS connection')
* Closing connection #0

Looking at lib/gtls.c file, I found that the
Curl_gtls_recv function ignores a possible rehandshake
request from the server and returns an error, which
forces the server to drop the connection. Please
correct me if I'm wrong, but I think that a new
handshake should be issued if gnutls_record_recv()
returned GNUTLS_E_REHANDSHAKE.

----------------------------------------------------------------------

Comment By: Nobody/Anonymous (nobody)
Date: 2006-11-05 05:51

Message:
Logged In: NO

Hi! Cool site! <a href=http://car-car-in-loan-title-virginia.laeblog.com/ >car car in loan title virginia</a>
[url=http://car-car-in-loan-title-virginia.laeblog.com/ ]car car in loan title virginia[/url]

----------------------------------------------------------------------

Comment By: Daniel Stenberg (bagder)
Date: 2005-10-25 01:05

Message:
Logged In: YES
user_id=1110

If you think it is another libcurl problem, please file a
new bug report with all details you can figure out.

----------------------------------------------------------------------

Comment By: Dima Barsky (barsky)
Date: 2005-10-24 13:05

Message:
Logged In: YES
user_id=644787

Thank you for the quick fix, it seems to help. This
particular request now succeeds. The whole application
still does not work, but it crashes somewhere else now.

----------------------------------------------------------------------

Comment By: Daniel Stenberg (bagder)
Date: 2005-10-22 14:05

Message:
Logged In: YES
user_id=1110

Thanks for reporting! I just now committed a fix for this
case. Not in an elegant way, but hopefully at least working.

----------------------------------------------------------------------

Comment By: Daniel Stenberg (bagder)
Date: 2005-10-21 11:29

Message:
Logged In: YES
user_id=1110

Yes, the man page for gnutls_record_recv() seems to agree
with you.

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=1334338&group_id=976
Received on 2006-11-05