mirror of https://github.com/moparisthebest/curl synced 2024-11-11 12:05:06 -05:00
curl/lib/vtls
Michael Kaufmann b249592d29 ssl: read pending close notify alert before closing the connection
This avoids a TCP reset (RST) if the server initiates a connection
shutdown by sending an SSL close notify alert and then closes the TCP
connection.

For SSL connections, usually the server announces that it will close the
connection with an SSL close notify alert. curl should read this alert.
If curl does not read this alert and just closes the connection, some
operating systems close the TCP connection with an RST flag.

See RFC 1122, section 4.2.2.13

If curl reads the close notify alert, the TCP connection is closed
normally with a FIN flag.

The new code is similar to existing code in the "SSL shutdown" function:
try to read an alert (non-blocking), and ignore any read errors.

Closes #7095
2021-06-01 09:40:40 +02:00
bearssl.c bearssl: explicitly initialize all fields of Curl_ssl 2021-05-26 14:43:45 +02:00
bearssl.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
gskit.c openssl: associate/detach the transfer from connection 2021-05-24 13:15:10 +02:00
gskit.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
gtls.c ssl: read pending close notify alert before closing the connection 2021-06-01 09:40:40 +02:00
gtls.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
keylog.c curl.se: new home 2020-11-04 23:59:47 +01:00
keylog.h curl.se: new home 2020-11-04 23:59:47 +01:00
mbedtls_threadlock.c curl.se: new home 2020-11-04 23:59:47 +01:00
mbedtls_threadlock.h curl.se: new home 2020-11-04 23:59:47 +01:00
mbedtls.c ssl: read pending close notify alert before closing the connection 2021-06-01 09:40:40 +02:00
mbedtls.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
mesalink.c openssl: associate/detach the transfer from connection 2021-05-24 13:15:10 +02:00
mesalink.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
nss.c ssl: read pending close notify alert before closing the connection 2021-06-01 09:40:40 +02:00
nssg.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
openssl.c ssl: read pending close notify alert before closing the connection 2021-06-01 09:40:40 +02:00
openssl.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
rustls.c rustls: switch read_tls and write_tls to callbacks 2021-05-24 16:40:59 +02:00
rustls.h copyright: update copyright year ranges to 2021 2021-03-27 23:00:14 +01:00
schannel_verify.c SSL: support in-memory CA certs for some backends 2021-05-05 02:29:16 -04:00
schannel.c schannel: set ALPN length correctly for HTTP/2 2021-05-27 08:27:35 +02:00
schannel.h schannel: don't use static to store selected ciphers 2021-05-24 07:56:05 +02:00
sectransp.c sectransp: fix EXC_BAD_ACCESS caused by uninitialized buffer 2021-05-25 11:22:09 +02:00
sectransp.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00
vtls.c Curl_ssl_getsessionid: fail if no session cache exists 2021-05-31 20:41:40 +02:00
vtls.h openssl: associate/detach the transfer from connection 2021-05-24 13:15:10 +02:00
wolfssl.c ssl: read pending close notify alert before closing the connection 2021-06-01 09:40:40 +02:00
wolfssl.h copyright: fix year ranges 2020-11-05 08:22:10 +01:00