Marc, et all, Thanks for providing the test URL. I found that I was seeing the infinite loop during renegotiate even before the doread change (72a5813), so it doesn't seem to have introduced the problem.
Anyway, I have a fix for the renegotiate problem. It's very simple - if the connect state is ssl_connect_2_writing, doread is set to false. Mark -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Marc Hoersken Sent: Wednesday, June 20, 2012 1:49 AM To: libcurl development Subject: Re: further schannel improvements Hi there, 2012/6/20 Yang Tse <[email protected]>: > On Tue, Jun 19, 2012 at 5:22 AM, Yang Tse <[email protected]> wrote: > >> Relative to seven patch files posted Fri, Jun 15, 2012 at 2:24 AM by >> Mark Salisbury Mark... >> >> Patches 0002-* and 0004-* not yet integrated. All other five somewhat >> adjusted and pushed to repo. > > All seven patch files integrated/adjusted/pushed.to repo. > > Please test thanks a lot, Yang and Mark! But there is one new problem being introduced by some of those patches. It seems like the new handshake logic is unable to handle the renegotiation if requested by the remote party. The new "doread" variable will make curl try to read more data in an endless loop, even though the data is already in the encrypted data buffer. This means we need to change that logic to support doread being set to FALSE from the beginning for renegotiation. I suggest that doread or a similar variable is made a parameter to the step2 function. This would allow the schannel_recv function to pass FALSE into that. What do you think? You can test the renegotiation against https://stuff.marc-hoersken.de/renegotiate/ Best regards, Marc ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
0001-schannel-SSL-fix-for-renegotiate-problem.patch
Description: 0001-schannel-SSL-fix-for-renegotiate-problem.patch
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
