Mailing Lists

curl-tracker Archives

[curl:bugs] #1462 SSL connection returns garbage data

From: Daniel Stenberg <bagder_at_users.sf.net>
Date: Mon, 08 Dec 2014 23:29:27 +0000

I don't run or use Windows personally so I can't test this at all.

Your suggested patch has a problem though and that is that the function is declared to return an ssize_t while size is a size_t type which will cause compiler warnings with picky compilers.

This made me go back and check where exactly the missing assignment of ret is that causes it to get returned with the wrong value. How about this change?

~~~~~
diff --git a/lib/vtls/curl_schannel.c b/lib/vtls/curl_schannel.c
index 3a740bd..bc8f58a 100644
--- a/lib/vtls/curl_schannel.c
+++ b/lib/vtls/curl_schannel.c
@@ -1011,10 +1011,12 @@ schannel_recv(struct connectdata *conn, int sockindex,

     infof(data, "schannel: decrypted data returned %zd\n", size);
     infof(data, "schannel: decrypted data buffer: offset %zu length %zu\n",
           connssl->decdata_offset, connssl->decdata_length);
   }
+ else
+ ret = 0;

   /* check if the server closed the connection */
   if(ret <= 0 && ( /* special check for Windows 2000 Professional */
       sspi_status == SEC_I_CONTEXT_EXPIRED || (sspi_status == SEC_E_OK &&
         connssl->encdata_offset > 0 && connssl->encdata_buffer[0] == 0x15))) {

---
** [bugs:#1462] SSL connection returns garbage data**
**Status:** open
**Labels:** SSL DarwinSSL 
**Created:** Fri Dec 05, 2014 09:45 PM UTC by Tae Hyoung Ahn
**Last Updated:** Sat Dec 06, 2014 03:24 AM UTC
**Owner:** Daniel Stenberg
When curl receives encrypted data from ssl connection, schannel_recv() tries to decrypt.
If s_pSecFn->DecryptMessage() returns a error such as SEC_I_CONTEXT_EXPIRED, schannel_recv() returns ret variable that has the encrypted packet length not decrypted packet size.
So the last line of schannel_recv() should be changed to return size variable.
 
---
Sent from sourceforge.net because curl-tracker@cool.haxx.se is subscribed to https://sourceforge.net/p/curl/bugs/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/curl/admin/bugs/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

Received on 2014-12-09

This message: [ Message body ]
Next message: Daniel Stenberg: "[curl:bugs] #1461 curl_easy_reset removes proxy information via environment"
Previous message: JoSch: "[curl:bugs] Re: #1461 curl_easy_reset removes proxy information via environment"
In reply to: Tae Hyoung Ahn: "[curl:bugs] #1462 SSL connection returns garbage data"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

These mail archives are generated by hypermail.