Re: Proposed changes to SSL comparison documentation

2013-05-04 Thread David Strauss
It would be useful to include SNI support in the comparison. cURL has supported SNI since 7.18.1, but the library has to support it, too. I know older versions of Microsoft's libraries lack it, notably on Windows XP. "[NSS] suffers a bit from being seen as only used by Mozilla's browser and mail c

RE: Proposed changes to SSL comparison documentation

2013-05-04 Thread Steve Holme
On Sat, 4 May 2013, Nick Zitzmann wrote: > The documentation at > is missing sections for Windows- and Darwin-native SSL, and also > doesn't mention a few key differences between engines, like > whether they're database-driven or file-driven or both, or

Re: BUG: NULL pointer dereference in Curl_ssl_getsessionid.

2013-05-04 Thread Marc Hoersken
2013/5/4 Vuurvlieg : > It is because of the line @ multi.c:1767 > conn->data = multi->closure_handle; > > It replaces the "correct" state (which has session properly allocated) with > the closure_handle which does not have it. > > I can't figure out the correct fix. > Should it be illegal to call C

Re: BUG: NULL pointer dereference in Curl_ssl_getsessionid.

2013-05-04 Thread Marc Hoersken
I just found a new way to workaround this problem with the state being replaced. The attached patch introduces a new field in the internal session structure to keep track of the currently cached session. With this change the invalid memory access is gone and the Schannel Credential handle (session

Re: BUG: NULL pointer dereference in Curl_ssl_getsessionid.

2013-05-04 Thread Vuurvlieg
On Sat, May 4, 2013 at 7:31 PM, Marc Hoersken wrote: > I was looking into this issue again, but I still cannot understand why > data->state.session is NULL in Curl_ssl_getsessionid during > Curl_ssl_shutdown. > It is because of the line @ multi.c:1767 conn->data = multi->closure_handle; It repl

Re: Any build of libcurl for ICC?

2013-05-04 Thread Taiki
Hello, I performed a couple of test and confirmed that the crash occure in curl_pgrsupdate(), in progess.c at line 378. It crashed when returning 0 with the following message: "The instrumentation code stack cookie detected an overflow of the stack buffer". This happen during an HTTP request. H

Re: BUG: NULL pointer dereference in Curl_ssl_getsessionid.

2013-05-04 Thread Marc Hoersken
2013/4/29 Daniel Stenberg > Could be, sure. But I gave this a glance and it wasn't obvious to me where > the problem is... I was looking into this issue again, but I still cannot understand why data->state.session is NULL in Curl_ssl_getsessionid during Curl_ssl_shutdown. gdb.log Description: