New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SSL_peek is not a const operation #795

Closed
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
2 participants
@Andersbakken
Contributor

Andersbakken commented May 10, 2016

Calling SSL_peek can cause bytes to be read from the raw socket which in
turn can upset the select machinery that determines whether there's data
available on the socket.

Since Curl_ossl_check_cxn only tries to determine whether the socket is
alive and doesn't actually need to see the bytes SSL_peek seems like
the wrong function to call.

We're able to occasionally reproduce a connect timeout due to this
bug. What happens is that Curl doesn't know to call SSL_connect again
after the peek happens since data is buffered in the SSL buffer and thus
select won't fire for this socket.

SSL_peek is not a const operation
Calling SSL_peek can cause bytes to be read from the raw socket which in
turn can upset the select machinery that determines whether there's data
available on the socket.

Since Curl_ossl_check_cxn only tries to determine whether the socket is
alive and doesn't actually need to see the bytes SSL_peek seems like
the wrong function to call.

We're able to occasionally reproduce a connect timeout due to this
bug. What happens is that Curl doesn't know to call SSL_connect again
after the peek happens since data is buffered in the SSL buffer and thus
select won't fire for this socket.

@bagder bagder closed this in 856baf5 May 10, 2016

@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder May 10, 2016

Member

Thanks!

Member

bagder commented May 10, 2016

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment