| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-Original-To: | cygwin AT cygwin DOT com |
| Delivered-To: | cygwin AT cygwin DOT com |
| DMARC-Filter: | OpenDMARC Filter v1.3.2 sourceware.org 99CF13858034 |
| Authentication-Results: | sourceware.org; dmarc=none (p=none dis=none) |
| header.from=SystematicSw.ab.ca | |
| Authentication-Results: | sourceware.org; |
| spf=none smtp.mailfrom=brian DOT inglis AT systematicsw DOT ab DOT ca | |
| X-Authority-Analysis: | v=2.4 cv=Q4RsX66a c=1 sm=1 tr=0 ts=5fc81298 |
| a=kiZT5GMN3KAWqtYcXc+/4Q==:117 a=kiZT5GMN3KAWqtYcXc+/4Q==:17 | |
| a=IkcTkHD0fZMA:10 a=ObcLf_uJAAAA:20 a=kPCIzciLAAAA:20 | |
| a=uYT-Tk0qkVT609LjNaIA:9 a=QEXdDO2ut3YA:10 | |
| Subject: | Re: curl release package is a debug build |
| To: | cygwin AT cygwin DOT com |
| References: | <CAKfce+DDx-xohMmn91vKh3RbLG2ENHNG59+mdsYkj-VJJsdGGg AT mail DOT gmail DOT com> |
| <a3488e6b-eab1-a667-d9f6-eac4395efa0e AT SystematicSw DOT ab DOT ca> | |
| From: | Brian Inglis <Brian DOT Inglis AT SystematicSw DOT ab DOT ca> |
| Organization: | Systematic Software |
| Message-ID: | <67598ad8-00c0-c8f2-1f6b-3f6f3bb93a21@SystematicSw.ab.ca> |
| Date: | Wed, 2 Dec 2020 15:17:59 -0700 |
| User-Agent: | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 |
| Thunderbird/78.5.0 | |
| MIME-Version: | 1.0 |
| In-Reply-To: | <a3488e6b-eab1-a667-d9f6-eac4395efa0e@SystematicSw.ab.ca> |
| X-CMAE-Envelope: | MS4xfJn02ifVaDoeZb3pkU0t4ncpkuhj6HSeQxEY7j4BfgErZ1W7N0HktzFFXvMdQUOPUYZgDqugHL1WqVW8aiPuuMpNTPSwwv/LWMfE0FoQILBg7jS6JZ/k |
| cMoouv9Jj0tgIS4NNDWZQjmA2+3O4MxVw4DpSU1vsWH9FPh0zVh1Lzbh8FAdlCP6nlAijxUxyEklxiehQewRcqkFpLnK5lJPrN0= | |
| X-Spam-Status: | No, score=-6.0 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS, |
| KAM_LAZY_DOMAIN_SECURITY, NICE_REPLY_A, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, | |
| SPF_HELO_NONE, SPF_NONE, TXREP autolearn=no autolearn_force=no version=3.4.2 | |
| X-Spam-Checker-Version: | SpamAssassin 3.4.2 (2018-09-13) on |
| server2.sourceware.org | |
| X-BeenThere: | cygwin AT cygwin DOT com |
| X-Mailman-Version: | 2.1.29 |
| List-Id: | General Cygwin discussions and problem reports <cygwin.cygwin.com> |
| List-Unsubscribe: | <https://cygwin.com/mailman/options/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe> | |
| List-Archive: | <https://cygwin.com/pipermail/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-request AT cygwin DOT com?subject=help> |
| List-Subscribe: | <https://cygwin.com/mailman/listinfo/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=subscribe> | |
| Reply-To: | cygwin AT cygwin DOT com |
| Errors-To: | cygwin-bounces AT cygwin DOT com |
| Sender: | "Cygwin" <cygwin-bounces AT cygwin DOT com> |
On 2020-11-30 16:59, Brian Inglis wrote: > On 2020-11-29 20:17, Sara Angel via Cygwin wrote: >> curl release package being a debug build is causing it to fail on success >> in some cases. >> >> e.g. >> curl --cacert mycert.pem https://localhost:80 >> curl: (56) OpenSSL SSL_read: Connection closed abruptly, errno 0 (Fatal >> because this is a curl debug build) >> >> The only thing related to this bug I could find is that msys2 had the same >> issue in their curl package >> https://github.com/msys2/MSYS2-packages/issues/2223 > > Raised issue upstream: > https://github.com/curl/curl/issues/6266 > > and got upstream response pointer to: > https://github.com/curl/curl/blob/0d75bf9ae99f62ac5aab46cd281fd5a7e0760a69/lib/vtls/openssl.c#L4244-L4259 > > "For debug builds be a little stricter and error on any SSL_ERROR_SYSCALL. > For example a server may have closed the connection abruptly without a > close_notify alert. > > For compatibility with older peers we don't do this by default. > https://github.com/curl/curl/issues/4624 > > We can use this to gauge how many users may be affected, and if it goes ok > eventually transition to allow in dev and release with the newest OpenSSL: > #if (OPENSSL_VERSION_NUMBER >= 0x10101000L)" > > so will disable this in a new Cygwin release which will be uploaded soon. > > *Curl users should be aware that deviations from strict protocol are deprecated > and will be reported as errors unconditionally in a near future release.* Other maintainers think that as this upstream behaviour will likely become the default in the next or a near future release, we might as well leave the upstream behaviour enabled in the current release. I am now more inclined to go along with this approach. Alternatively we could patch the current Cygwin release to disable this feature for only the current release, and ensure the upstream behaviour becomes the default in the next release. What do curl users and developers think should happen? -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada This email may be disturbing to some readers as it contains too much technical detail. Reader discretion is advised. [Data in binary units and prefixes, physical quantities in SI.] -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |