cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: --ftp-ssl-ccc not always working

From: Linus Nielsen Feltzing <linus_at_haxx.se>
Date: Thu, 25 Jan 2007 08:22:51 +0100

Dan Fandrich wrote:
> I tried the new --ftp-ssl-ccc option on the public Gene6 FTP server, and it
> doesn't work right. The command:
>
>> CCC
> < 200 Command okay.
> * SSL_get_shutdown() returned SSL_RECEIVED_SHUTDOWN
>> PWD
> < WD
> dRÿgäPÁs¶&'
>
> and then curl hangs. Sometimes, the garbage after the PWD command doesn't
> appear, but it still hangs. It looks to me like some kind of race condition
> while shutting down the SSL connection.

It is likely to be a race condition. The RFC doesn't tell which party is
supposed to initiate the shutdown, and if both parties try to shutdown,
we have a race condition on our hands.

The two servers I have tested with both handle it by sending a
close_notify alert without waiting for a close_notify in return. This
means that we can't follow the normal procedures recommended by the SSL
documentation.

This is a (very common) violation of the protocol, but I don't see how
the poor server could handle it in a better way. If the server would
wait for the close_notify from the client (which may never come), the
server would hang instead.

I'll analyze it and see if I can come up with an option to handle this
type of server as well.

Linus
Received on 2007-01-25