Package: libcurl3 Version: 7.52.1-1 Severity: important Tags: fixed-upstream, patch
Dear Maintainer, with 7.52.1-1, I got hanging connections when trying to fetch SSL URLs using the multi_socket API. It works with 7.50.1-1, and I also noticed it works when using the current upstream master version (d0837f36db). Using git bisect, I found the commit fixing the issue: a7b38c9dc9, and it turned out it was a known upstream bug (regression): https://github.com/curl/curl/issues/1174 I considered setting an RC severity, as this completely breaks SSL for other packages (e.g. zurl). But as curl has a lot of different use cases, and 'only' SSL with the multi_socket API is affected, I decided to go with 'important'. Still, please try to uplaod a fixed package before the freeze. Jan ---------------------------------------------------------------------- commit a7b38c9dc98481e4a5fc37e51a8690337c674dfb Author: Daniel Stenberg <dan...@haxx.se> Date: Mon Dec 26 00:06:33 2016 +0100 vtls: s/SSLEAY/OPENSSL Fixed an old leftover use of the USE_SSLEAY define which would make a socket get removed from the applications sockets to monitor when the multi_socket API was used, leading to timeouts. Bug: #1174 diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index b808e1c5f..707f24b02 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -484,7 +484,7 @@ void Curl_ssl_close_all(struct Curl_easy *data) curlssl_close_all(data); } -#if defined(USE_SSLEAY) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \ +#if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \ defined(USE_DARWINSSL) || defined(USE_NSS) /* This function is for OpenSSL, GnuTLS, darwinssl, and schannel only. */ int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks, @@ -518,7 +518,7 @@ int Curl_ssl_getsock(struct connectdata *conn, (void)numsocks; return GETSOCK_BLANK; } -/* USE_SSLEAY || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */ +/* USE_OPENSSL || USE_GNUTLS || USE_SCHANNEL || USE_DARWINSSL || USE_NSS */ #endif void Curl_ssl_close(struct connectdata *conn, int sockindex) ---------------------------------------------------------------------- -- System Information: Debian Release: 9.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.9.5-smapi-x61s-00006-g16efcd4 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libcurl3 depends on: ii libc6 2.24-9 ii libcomerr2 1.43.3-1 ii libgssapi-krb5-2 1.15-1 ii libidn2-0 0.16-1 ii libk5crypto3 1.15-1 ii libkrb5-3 1.15-1 ii libldap-2.4-2 2.4.44+dfsg-3 ii libnghttp2-14 1.18.1-1 ii libpsl5 0.16.1-1 ii librtmp1 2.4+20151223.gitfa8646d.1-1 ii libssh2-1 1.7.0-1 ii libssl1.0.2 1.0.2j-5 ii zlib1g 1:1.2.8.dfsg-4 Versions of packages libcurl3 recommends: ii ca-certificates 20161130 libcurl3 suggests no packages. -- no debconf information
