cURL / Mailing Lists / curl-library / Single Mail

curl-library

Timeout for Expect: 100-continue as an option

From: Tiit Pikma <tiit.pikma_at_cyber.ee>
Date: Fri, 18 Oct 2013 16:43:22 +0300

Hello, curl-library

Back in 2010 it was mentioned that if someone can come up with a
legitimate use-case showing why the timeout for receiving a response to
Expect: 100-continue should be changeable, it would be considered (see
http://curl.haxx.se/mail/lib-2010-01/0182.html). I think I have stumbled
upon one that may qualify.

I'm sending a POST request with the header Expect: 100-continue which
causes the server to renegotiate the current TLS session (from an only
server-authenticated session to a client-authenticated session). What
I'm seeing on slow connections (think tethering on a 3G connection) is
that waiting for the server response timeouts before the client receives
the hello_request from the server.

Now libcurl seems to be happy to renegotiate after it has finished
sending the message body, but the server is expecting a client_hello and
yet receiving a bunch of application data instead. This causes the
server to send the TLS alert unexpected_message and close the
connection.

So both libcurl and the server are behaving as intended, but the race
condition caused by the slow connection is making the connections fail.

The quick fix was to recompile libcurl with CURL_TIMEOUT_EXPECT_100 set
to 5000 instead of 1000, but it would be nice to be able to set this as
an option - especially given that TLS renegotiation is quite a common
use-case.

Best regards,
Tiit Pikma

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-10-18