On 2020-11-29 20:17, Sara Angel via Cygwin wrote:
curl release package being a debug build is causing it to fail on success
in some cases.
e.g.
curl --cacert mycert.pem https://localhost:80
curl: (56) OpenSSL SSL_read: Connection closed abruptly, errno 0 (Fatal
because this is a curl debug build)
The only thing related to this bug I could find is that msys2 had the same
issue in their curl package
https://github.com/msys2/MSYS2-packages/issues/2223
Raised issue upstream:
https://github.com/curl/curl/issues/6266
and got upstream response pointer to:
https://github.com/curl/curl/blob/0d75bf9ae99f62ac5aab46cd281fd5a7e0760a69/lib/vtls/openssl.c#L4244-L4259
"For debug builds be a little stricter and error on any SSL_ERROR_SYSCALL.
For example a server may have closed the connection abruptly without a
close_notify alert.
For compatibility with older peers we don't do this by default.
https://github.com/curl/curl/issues/4624
We can use this to gauge how many users may be affected, and if it goes ok
eventually transition to allow in dev and release with the newest OpenSSL:
#if (OPENSSL_VERSION_NUMBER >= 0x10101000L)"
so will disable this in a new Cygwin release which will be uploaded soon.
*Curl users should be aware that deviations from strict protocol are deprecated
and will be reported as errors unconditionally in a near future release.*
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
