Go to file
Constantine Sapuntzakis a0dd9df9ab OpenSSL: fix spurious SSL connection aborts
Was seeing spurious SSL connection aborts using libcurl and
OpenSSL. I tracked it down to uncleared error state on the
OpenSSL error stack - patch attached deals with that.

Rough idea of problem:

Code that uses libcurl calls some library that uses OpenSSL but
don't clear the OpenSSL error stack after an error.

ssluse.c calls SSL_read which eventually gets an EWOULDBLOCK from
the OS. Returns -1 to indicate an error

ssluse.c calls SSL_get_error. First thing, SSL_get_error calls
ERR_get_error to check the OpenSSL error stack, finds an old
error and returns SSL_ERROR_SSL instead of SSL_ERROR_WANT_READ or
SSL_ERROR_WANT_WRITE.

ssluse.c returns an error and aborts the connection

Solution:

Clear the openssl error stack before calling SSL_* operation if
we're going to call SSL_get_error afterwards.

Notes:

This is much more likely to happen with multi because it's easier
to intersperse other calls to the OpenSSL library in the same
thread.
2010-06-05 23:41:58 +02:00
CMake CMake fixes for Linux. 2010-03-24 14:07:18 -04:00
docs getinfo: added *_PRIMARY_PORT, *_LOCAL_IP and *_LOCAL_PORT 2010-06-05 00:31:36 +02:00
include getinfo: added *_PRIMARY_PORT, *_LOCAL_IP and *_LOCAL_PORT 2010-06-05 00:31:36 +02:00
lib OpenSSL: fix spurious SSL connection aborts 2010-06-05 23:41:58 +02:00
m4 new configure option --enable-threaded-resolver 2010-04-25 23:24:05 +02:00
packages add missing new files to non-configure target build files 2010-06-02 15:09:39 +02:00
perl remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
src fix compiler warning: enumerated type mixed with another type 2010-06-01 12:25:14 +02:00
tests fix compiler warning: external declaration in primary source file 2010-05-31 16:58:24 +02:00
.gitattributes Add .gitattributes files to turn off CRLF translation for some files 2010-03-24 23:48:35 -04:00
.gitignore ignore files generated by 'maketgz' 2010-04-14 17:12:34 +02:00
acinclude.m4 remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
Android.mk Copy the license file so it's seen by the Android build system 2010-05-12 15:23:28 -07:00
buildconf findtool: file name as a full path requires a slash 2010-05-09 23:16:37 +02:00
buildconf.bat modified to use the git file, not cvs 2010-04-11 11:35:33 +02:00
CHANGES OpenSSL: fix spurious SSL connection aborts 2010-06-05 23:41:58 +02:00
CHANGES.0 removed trailing whitespace 2010-02-14 19:40:18 +00:00
CMakeLists.txt Enable OpenLDAP support for cygwin builds. 2010-06-04 15:14:31 +02:00
configure.ac Enable OpenLDAP support for cygwin builds. 2010-06-04 15:14:31 +02:00
COPYING update the generic copyright year range to include 2010 2010-03-02 13:47:58 +00:00
CTestConfig.cmake ENH: move dashboard location 2009-07-15 19:40:46 +00:00
curl-config.in remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
curl-style.el remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
GIT-INFO s/CVS/git 2010-03-22 00:41:34 +01:00
install-sh removed trailing whitespace 2010-02-14 19:40:18 +00:00
libcurl.pc.in remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
MacOSX-Framework removed trailing whitespace 2010-02-14 19:40:18 +00:00
Makefile.am remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
Makefile.dist replaced wsock32.lib usage with ws2_32.lib in MSVC makefiles 2010-04-20 16:30:10 +02:00
maketgz restore executable bits on some files 2010-03-24 11:07:35 +01:00
missing renamed generated config.h to curl_config.h in order to avoid clashes when libcurl is used with other projects which also have a config.h. 2009-07-14 13:25:14 +00:00
mkinstalldirs remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
README various changes of CVS to git 2010-03-22 00:34:09 +01:00
RELEASE-NOTES OpenSSL: fix spurious SSL connection aborts 2010-06-05 23:41:58 +02:00
sample.emacs remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
TODO-RELEASE scrapped all left-over TODOs 2010-03-24 11:20:34 +01:00
vc6curl.dsw Renamed vc6 workspace and project files to avoid filename clash when used for conversion to later VS versions. 2009-05-08 17:51:44 +00:00

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

README

  Curl is a command line tool for transferring data specified with URL
  syntax. Find out how to use curl by reading the curl.1 man page or the
  MANUAL document. Find out how to install Curl by reading the INSTALL
  document.

  libcurl is the library curl is using to do its job. It is readily
  available to be used by your software. Read the libcurl.3 man page to
  learn how!

  You find answers to the most frequent questions we get in the FAQ document.

  Study the COPYING file for distribution terms and similar. If you distribute
  curl binaries or other binaries that involve libcurl, you might enjoy the
  LICENSE-MIXING document.

CONTACT

  If you have problems, questions, ideas or suggestions, please contact us
  by posting to a suitable mailing list. See http://curl.haxx.se/mail/

  All contributors to the project are listed in the THANKS document.

WEB SITE

  Visit the curl web site for the latest news and downloads:

        http://curl.haxx.se/

GIT

  To download the very latest source off the GIT server do this:

    git clone git://github.com/bagder/curl.git

  (you'll get a directory named curl created, filled with the source code)

NOTICE

  Curl contains pieces of source code that is Copyright (c) 1998, 1999
  Kungliga Tekniska Högskolan. This notice is included here to comply with the
  distribution terms.