cURL
Haxx ad
libcurl

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-tracker Archives

[curl:bugs] #1249 OpenSSL not used correctly?

From: Daniel Stenberg <bagder_at_users.sf.net>
Date: Sun, 23 Jun 2013 11:04:31 +0000

- **status**: open --> closed-fixed

---
** [bugs:#1249] OpenSSL not used correctly?**
**Status:** closed-fixed
**Labels:** openssl 
**Created:** Sat Jun 22, 2013 10:27 PM UTC by Nach M. S.
**Last Updated:** Sun Jun 23, 2013 10:46 AM UTC
**Owner:** Daniel Stenberg
I just upgraded to 7.31.0, and testing my software against it, I see some of my SSL/TLS unit tests are now failing with:
    * SSL read: error:00000000:lib(0):func(0):reason(0), errno 0
    * Closing connection 1
This doesn't look right, as it seems to be failing with no error whatsoever.
I bisected the issue to this commit: https://github.com/bagder/curl/commit/520833cbe1601feed1c6473bd28c4c894e7ee63e
As we all know, OpenSSL documentation is woefully incomplete, and the library has many bizare issues. But after looking at whatever documentation I can find, the best I can come up with is that in some cases, OpenSSL's SSL_read() returns zero, because the underlying read() or recv() returned 0, and that this is not an error, yet curl's existing code does not handle this.
I'm including a test case where in previous versions, curl seems to work fine, and in newer versions, curl fails.
I also whipped up a patch which I'm including for curl's OpenSSL code to actually check that errno from OpenSSL is indeed reporting an error instead of assuming it. With this patch, I no longer have SSL/TLS problems with my test case.
curl 7.31.0 (x86_64-unknown-linux-gnu) libcurl/7.31.0 OpenSSL/1.0.1e zlib/1.2.8
Protocols: file http https
Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
---
Sent from sourceforge.net because curl-tracker@cool.haxx.se is subscribed to https://sourceforge.net/p/curl/bugs/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/curl/admin/bugs/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.
Received on 2013-06-23

These mail archives are generated by hypermail.

donate! Page updated May 06, 2013.
web site info

File upload with ASP.NET