aboutsummaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorConstantine Sapuntzakis <csapuntz@gmail.com>2010-06-05 23:41:58 +0200
committerDaniel Stenberg <daniel@haxx.se>2010-06-05 23:41:58 +0200
commita0dd9df9ab35528eb9eb669e741a5df4b1fb833c (patch)
treecca73863d2c3c0115bc6911db7634bfbd0bd93c0 /docs
parent4724b9d966e0785a875018a33861076501a83929 (diff)
OpenSSL: fix spurious SSL connection aborts
Was seeing spurious SSL connection aborts using libcurl and OpenSSL. I tracked it down to uncleared error state on the OpenSSL error stack - patch attached deals with that. Rough idea of problem: Code that uses libcurl calls some library that uses OpenSSL but don't clear the OpenSSL error stack after an error. ssluse.c calls SSL_read which eventually gets an EWOULDBLOCK from the OS. Returns -1 to indicate an error ssluse.c calls SSL_get_error. First thing, SSL_get_error calls ERR_get_error to check the OpenSSL error stack, finds an old error and returns SSL_ERROR_SSL instead of SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. ssluse.c returns an error and aborts the connection Solution: Clear the openssl error stack before calling SSL_* operation if we're going to call SSL_get_error afterwards. Notes: This is much more likely to happen with multi because it's easier to intersperse other calls to the OpenSSL library in the same thread.
Diffstat (limited to 'docs')
0 files changed, 0 insertions, 0 deletions