[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 96/173: polarssl: fix hangs
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 96/173: polarssl: fix hangs |
Date: |
Fri, 24 Feb 2017 14:01:58 +0100 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.53.1
in repository gnurl.
commit bcca842e0d2b2a70b776cf888572739bda11dac7
Author: Michael Kaufmann <address@hidden>
AuthorDate: Sat Jan 28 19:45:52 2017 +0100
polarssl: fix hangs
This bugfix is similar to commit c111178bd4.
---
docs/KNOWN_BUGS | 22 ++++++----------------
lib/vtls/polarssl.c | 8 ++++++++
lib/vtls/polarssl.h | 3 ++-
3 files changed, 16 insertions(+), 17 deletions(-)
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
index 80feba071..12eeedd02 100644
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -24,10 +24,9 @@ problems may have been fixed or changed somewhat since this
was written!
1.11 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM
2. TLS
- 2.1 Hangs with PolarSSL
- 2.2 CURLINFO_SSL_VERIFYRESULT has limited support
- 2.3 DER in keychain
- 2.4 GnuTLS backend skips really long certificate fields
+ 2.1 CURLINFO_SSL_VERIFYRESULT has limited support
+ 2.2 DER in keychain
+ 2.3 GnuTLS backend skips really long certificate fields
3. Email protocols
3.1 IMAP SEARCH ALL truncated response
@@ -207,26 +206,17 @@ problems may have been fixed or changed somewhat since
this was written!
2. TLS
-2.1 Hangs with PolarSSL
-
- "curl_easy_perform hangs with imap and PolarSSL"
- https://github.com/curl/curl/issues/334
-
- Most likely, a fix similar to commit c111178bd4 (for mbedTLS) is
- necessary. Or if we just wait a little longer we'll rip out all support for
- PolarSSL instead...
-
-2.2 CURLINFO_SSL_VERIFYRESULT has limited support
+2.1 CURLINFO_SSL_VERIFYRESULT has limited support
CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS
backends, so relying on this information in a generic app is flaky.
-2.3 DER in keychain
+2.2 DER in keychain
Curl doesn't recognize certificates in DER format in keychain, but it works
with PEM. https://curl.haxx.se/bug/view.cgi?id=1065
-2.4 GnuTLS backend skips really long certificate fields
+2.3 GnuTLS backend skips really long certificate fields
libcurl calls gnutls_x509_crt_get_dn() with a fixed buffer size and if the
field is too long in the cert, it'll just return an error and the field will
diff --git a/lib/vtls/polarssl.c b/lib/vtls/polarssl.c
index 4bba3e3f2..1a9421d82 100644
--- a/lib/vtls/polarssl.c
+++ b/lib/vtls/polarssl.c
@@ -816,4 +816,12 @@ void Curl_polarssl_cleanup(void)
(void)Curl_polarsslthreadlock_thread_cleanup();
}
+
+int Curl_polarssl_data_pending(const struct connectdata *conn, int sockindex)
+{
+ ssl_context *ssl =
+ (ssl_context *)&conn->ssl[sockindex].ssl;
+ return ssl->in_msglen != 0;
+}
+
#endif /* USE_POLARSSL */
diff --git a/lib/vtls/polarssl.h b/lib/vtls/polarssl.h
index 7098b24a4..47af7b417 100644
--- a/lib/vtls/polarssl.h
+++ b/lib/vtls/polarssl.h
@@ -31,6 +31,7 @@
/* Called on first use PolarSSL, setup threading if supported */
int Curl_polarssl_init(void);
void Curl_polarssl_cleanup(void);
+int Curl_polarssl_data_pending(const struct connectdata *conn, int sockindex);
CURLcode Curl_polarssl_connect(struct connectdata *conn, int sockindex);
@@ -69,7 +70,7 @@ int Curl_polarssl_shutdown(struct connectdata *conn, int
sockindex);
#define curlssl_engines_list(x) ((void)x, (struct curl_slist *)NULL)
#define curlssl_version Curl_polarssl_version
#define curlssl_check_cxn(x) ((void)x, -1)
-#define curlssl_data_pending(x,y) ((void)x, (void)y, 0)
+#define curlssl_data_pending(x,y) Curl_polarssl_data_pending(x, y)
#define curlssl_sha256sum(a,b,c,d) sha256(a,b,c,0)
/* This might cause libcurl to use a weeker random!
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 51/173: url: Refactor detect_proxy(), (continued)
- [GNUnet-SVN] [gnurl] 51/173: url: Refactor detect_proxy(), gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 50/173: url: Fix NO_PROXY env var to work properly with --proxy option., gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 68/173: TODO: send only part of --data, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 61/173: unix_socket: add support for abstract unix domain socket, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 92/173: telnet: fix windows compiler warnings, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 84/173: vtls: fix mbedtls multi non blocking handshake., gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 104/173: cmake: Support curl --xattr when built with cmake, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 76/173: parseurl: move back buffer to function scope, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 77/173: usercertinmem.c: improve the short description, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 101/173: docs: we no longer ship HTML versions of man pages, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 96/173: polarssl: fix hangs,
gnunet <=
- [GNUnet-SVN] [gnurl] 112/173: darwinssl: Avoid parsing certificates when not in verbose mode, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 95/173: cookies: do not assume a valid domain has a dot, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 66/173: TODO: Chunked transfer multipart formpost, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 137/173: TODO: consider file name from the redirected URL with -O ?, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 107/173: use *.sourceforge.io and misc URL updates, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 70/173: docs: improved language in README.md HISTORY.md CONTRIBUTE.md, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 113/173: test552: Fix typos, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 131/173: configure: Allow disabling pthreads, fall back on Win32 threads, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 103/173: openssl: Don't use certificate after transferring ownership, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 141/173: proxy: fix hostname resolution and IDN conversion, gnunet, 2017/02/24