Mail Archives: cygwin/2020/11/30/19:00:35

Brian Inglis <Brian DOT Inglis AT SystematicSw DOT ab DOT ca> · Mon, 30 Nov 2020 16:59:43 -0700

On 2020-11-29 20:17, Sara Angel via Cygwin wrote:
> curl release package being a debug build is causing it to fail on success
> in some cases.
> 
> e.g.
> curl --cacert mycert.pem https://localhost:80
> curl: (56) OpenSSL SSL_read: Connection closed abruptly, errno 0 (Fatal
> because this is a curl debug build)
> 
> The only thing related to this bug I could find is that msys2 had the same
> issue in their curl package
> https://github.com/msys2/MSYS2-packages/issues/2223

Raised issue upstream:
https://github.com/curl/curl/issues/6266

and got upstream response pointer to:
https://github.com/curl/curl/blob/0d75bf9ae99f62ac5aab46cd281fd5a7e0760a69/lib/vtls/openssl.c#L4244-L4259
"For debug builds be a little stricter and error on any SSL_ERROR_SYSCALL.
For example a server may have closed the connection abruptly without a 
close_notify alert.

For compatibility with older peers we don't do this by default.
https://github.com/curl/curl/issues/4624

We can use this to gauge how many users may be affected, and if it goes ok 
eventually transition to allow in dev and release with the newest OpenSSL:
#if (OPENSSL_VERSION_NUMBER >= 0x10101000L)"

so will disable this in a new Cygwin release which will be uploaded soon.

*Curl users should be aware that deviations from strict protocol are deprecated 
and will be reported as errors unconditionally in a near future release.*

-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]
--
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

X-Recipient:	archive-cygwin AT delorie DOT com
X-Original-To:	cygwin AT cygwin DOT com
Delivered-To:	cygwin AT cygwin DOT com
DMARC-Filter:	OpenDMARC Filter v1.3.2 sourceware.org C344B385782D
Authentication-Results:	sourceware.org; dmarc=none (p=none dis=none)
	header.from=SystematicSw.ab.ca
Authentication-Results:	sourceware.org;
	spf=none smtp.mailfrom=brian DOT inglis AT systematicsw DOT ab DOT ca
X-Authority-Analysis:	v=2.4 cv=Q4RsX66a c=1 sm=1 tr=0 ts=5fc58771
	a=kiZT5GMN3KAWqtYcXc+/4Q==:117 a=kiZT5GMN3KAWqtYcXc+/4Q==:17
	a=IkcTkHD0fZMA:10 a=ObcLf_uJAAAA:20 a=kPCIzciLAAAA:20
	a=94nOnFI1EgyDtX4ev68A:9 a=QEXdDO2ut3YA:10
To:	cygwin AT cygwin DOT com
References:	<CAKfce+DDx-xohMmn91vKh3RbLG2ENHNG59+mdsYkj-VJJsdGGg AT mail DOT gmail DOT com>
From:	Brian Inglis <Brian DOT Inglis AT SystematicSw DOT ab DOT ca>
Organization:	Systematic Software
Subject:	Re: curl release package is a debug build
Message-ID:	<a3488e6b-eab1-a667-d9f6-eac4395efa0e@SystematicSw.ab.ca>
Date:	Mon, 30 Nov 2020 16:59:43 -0700
User-Agent:	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
	Thunderbird/78.5.0
MIME-Version:	1.0
In-Reply-To:	<CAKfce+DDx-xohMmn91vKh3RbLG2ENHNG59+mdsYkj-VJJsdGGg@mail.gmail.com>
X-CMAE-Envelope:	MS4xfE2DwLEcLY0l0/q0bLWyyVpeqYGt1CyJ56fVcrvLHe/mG68sUHMHX/ThFcG/pci6SzCI4iOsMrwTjMud7B3qtqodZND0rkJtWqMZYJp+3a5f8q/R6ljk
	ki92gYAG3L6vHbVz7Zk1q/+ix3cTXk8b1iGelHoq7j0nvZ58OCIg5Loz8LDg4vyffoguEXKZ2ih27wc20fnQhvVbjUBEMOBwzn+S4wRhG31Th5/4+8FRuMQw
X-Spam-Status:	No, score=-6.1 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS,
	KAM_LAZY_DOMAIN_SECURITY, NICE_REPLY_A, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2,
	SPF_HELO_NONE, SPF_NONE, TXREP autolearn=no autolearn_force=no version=3.4.2
X-Spam-Checker-Version:	SpamAssassin 3.4.2 (2018-09-13) on
	server2.sourceware.org
X-BeenThere:	cygwin AT cygwin DOT com
X-Mailman-Version:	2.1.29
List-Id:	General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe:	<https://cygwin.com/mailman/options/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive:	<https://cygwin.com/pipermail/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe:	<https://cygwin.com/mailman/listinfo/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
Reply-To:	cygwin AT cygwin DOT com
Cc:	Sara Angel <r33bow AT gmail DOT com>
Errors-To:	cygwin-bounces AT cygwin DOT com
Sender:	"Cygwin" <cygwin-bounces AT cygwin DOT com>

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019