moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2025-02-28 09:21:50 -05:00
Code Issues Releases Wiki Activity

polarssl: fix hangs

Browse Source 
This bugfix is similar to commit c111178bd4.
This commit is contained in:
Michael Kaufmann 2017-01-28 19:45:52 +01:00
parent cbd4e1fa0d
commit bcca842e0d
3 changed files with 16 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
docs/KNOWN_BUGS
View File

@ -24,10 +24,9 @@ problems may have been fixed or changed somewhat since this was written!
1.11 CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM
2. TLS
2.1 Hangs with PolarSSL
2.2 CURLINFO_SSL_VERIFYRESULT has limited support
2.3 DER in keychain
2.4 GnuTLS backend skips really long certificate fields
2.1 CURLINFO_SSL_VERIFYRESULT has limited support
2.2 DER in keychain
2.3 GnuTLS backend skips really long certificate fields
3. Email protocols
3.1 IMAP SEARCH ALL truncated response
@ -207,26 +206,17 @@ problems may have been fixed or changed somewhat since this was written!
2. TLS
2.1 Hangs with PolarSSL
"curl_easy_perform hangs with imap and PolarSSL"
https://github.com/curl/curl/issues/334
Most likely, a fix similar to commit c111178bd4 (for mbedTLS) is
necessary. Or if we just wait a little longer we'll rip out all support for
PolarSSL instead...
2.2 CURLINFO_SSL_VERIFYRESULT has limited support
2.1 CURLINFO_SSL_VERIFYRESULT has limited support
CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS
backends, so relying on this information in a generic app is flaky.
2.3 DER in keychain
2.2 DER in keychain
Curl doesn't recognize certificates in DER format in keychain, but it works
with PEM. https://curl.haxx.se/bug/view.cgi?id=1065
2.4 GnuTLS backend skips really long certificate fields
2.3 GnuTLS backend skips really long certificate fields
libcurl calls gnutls_x509_crt_get_dn() with a fixed buffer size and if the
field is too long in the cert, it'll just return an error and the field will

8
lib/vtls/polarssl.c
View File

@ -816,4 +816,12 @@ void Curl_polarssl_cleanup(void)
(void)Curl_polarsslthreadlock_thread_cleanup();
}
int Curl_polarssl_data_pending(const struct connectdata *conn, int sockindex)
{
ssl_context *ssl =
(ssl_context *)&conn->ssl[sockindex].ssl;
return ssl->in_msglen != 0;
}
#endif /* USE_POLARSSL */

3
lib/vtls/polarssl.h
View File

@ -31,6 +31,7 @@
/* Called on first use PolarSSL, setup threading if supported */
int Curl_polarssl_init(void);
void Curl_polarssl_cleanup(void);
int Curl_polarssl_data_pending(const struct connectdata *conn, int sockindex);
CURLcode Curl_polarssl_connect(struct connectdata *conn, int sockindex);
@ -69,7 +70,7 @@ int Curl_polarssl_shutdown(struct connectdata *conn, int sockindex);
#define curlssl_engines_list(x) ((void)x, (struct curl_slist *)NULL)
#define curlssl_version Curl_polarssl_version
#define curlssl_check_cxn(x) ((void)x, -1)
#define curlssl_data_pending(x,y) ((void)x, (void)y, 0)
#define curlssl_data_pending(x,y) Curl_polarssl_data_pending(x, y)
#define curlssl_sha256sum(a,b,c,d) sha256(a,b,c,0)
/* This might cause libcurl to use a weeker random!