Mark Eichin submitted bug report #1480821

(http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a problem with how libcurl dealt with GnuTLS and a case where gnutls returned GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected return code, making Curl_ssl_send() confuse the upper layer - causing random 28 bytes trash data to get inserted in the transfered stream. The proper fix was to make the Curl_gtls_send() function return the proper return codes that the callers would expect. The Curl_ossl_send() function already did this.

Mark Eichin submitted bug report #1480821
758f6eed · Daniel Stenberg · 80ee5d3b · 758f6eed · 758f6eed · 758f6eed
Commit 758f6eed authored 18 years ago by Daniel Stenberg
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,18 @@

                                  Changelog

+Daniel (4 May 2006)
+- Mark Eichin submitted bug report #1480821
+  (http://curl.haxx.se/bug/view.cgi?id=1480821) He found and identified a
+  problem with how libcurl dealt with GnuTLS and a case where gnutls returned
+  GNUTLS_E_AGAIN indicating it would block. It would then return an unexpected
+  return code, making Curl_ssl_send() confuse the upper layer - causing random
+  28 bytes trash data to get inserted in the transfered stream.
+
+  The proper fix was to make the Curl_gtls_send() function return the proper
+  return codes that the callers would expect. The Curl_ossl_send() function
+  already did this.
+
 Daniel (2 May 2006)
 - Added a --checkfor option to curl-config to allow users to easier 
  write for example shell scripts that test for the presence of a 

--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -20,6 +20,7 @@ This release includes the following changes:

 This release includes the following bugfixes:

+ o GnuTLS non-block case that could cause data trashing
 o deflate code survives lack of zlib header
 o CURLOPT_INTERFACE works with hostname
 o configure runs fine with ICC
@@ -46,6 +47,6 @@ advice from friends like these:

 Dan Fandrich, Ilja van Sprundel, David McCreedy, Tor Arntsen, Xavier Bouchoux,
 David Byron, Michele Bini, Ates Goral, Katie Wang, Robson Braga Araujo,
- Ale Vesely, Paul Querna, Gisle Vanem
+ Ale Vesely, Paul Querna, Gisle Vanem, Mark Eichin

        Thanks! (and sorry if I forgot to mention someone)
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -458,6 +458,12 @@ int Curl_gtls_send(struct connectdata *conn,
  int rc;
  rc = gnutls_record_send(conn->ssl[sockindex].session, mem, len);

+  if(rc < 0 ) {
+    if(rc == GNUTLS_E_AGAIN)
+      return 0; /* EWOULDBLOCK equivalent */
+    rc = -1; /* generic error code for send failure */
+  }
+
  return rc;
 }