X-Recipient: archive-cygwin@delorie.com X-Original-To: cygwin@cygwin.com Delivered-To: cygwin@cygwin.com DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org C344B385782D Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=SystematicSw.ab.ca Authentication-Results: sourceware.org; spf=none smtp.mailfrom=brian.inglis@systematicsw.ab.ca X-Authority-Analysis: v=2.4 cv=Q4RsX66a c=1 sm=1 tr=0 ts=5fc58771 a=kiZT5GMN3KAWqtYcXc+/4Q==:117 a=kiZT5GMN3KAWqtYcXc+/4Q==:17 a=IkcTkHD0fZMA:10 a=ObcLf_uJAAAA:20 a=kPCIzciLAAAA:20 a=94nOnFI1EgyDtX4ev68A:9 a=QEXdDO2ut3YA:10 To: cygwin@cygwin.com References: From: Brian Inglis Organization: Systematic Software Subject: Re: curl release package is a debug build Message-ID: Date: Mon, 30 Nov 2020 16:59:43 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 MIME-Version: 1.0 In-Reply-To: Content-Language: en-CA X-CMAE-Envelope: MS4xfE2DwLEcLY0l0/q0bLWyyVpeqYGt1CyJ56fVcrvLHe/mG68sUHMHX/ThFcG/pci6SzCI4iOsMrwTjMud7B3qtqodZND0rkJtWqMZYJp+3a5f8q/R6ljk ki92gYAG3L6vHbVz7Zk1q/+ix3cTXk8b1iGelHoq7j0nvZ58OCIg5Loz8LDg4vyffoguEXKZ2ih27wc20fnQhvVbjUBEMOBwzn+S4wRhG31Th5/4+8FRuMQw X-Spam-Status: No, score=-6.1 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS, KAM_LAZY_DOMAIN_SECURITY, NICE_REPLY_A, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: cygwin@cygwin.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: General Cygwin discussions and problem reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: cygwin@cygwin.com Cc: Sara Angel Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: cygwin-bounces@cygwin.com Sender: "Cygwin" On 2020-11-29 20:17, Sara Angel via Cygwin wrote: > curl release package being a debug build is causing it to fail on success > in some cases. > > e.g. > curl --cacert mycert.pem https://localhost:80 > curl: (56) OpenSSL SSL_read: Connection closed abruptly, errno 0 (Fatal > because this is a curl debug build) > > The only thing related to this bug I could find is that msys2 had the same > issue in their curl package > https://github.com/msys2/MSYS2-packages/issues/2223 Raised issue upstream: https://github.com/curl/curl/issues/6266 and got upstream response pointer to: https://github.com/curl/curl/blob/0d75bf9ae99f62ac5aab46cd281fd5a7e0760a69/lib/vtls/openssl.c#L4244-L4259 "For debug builds be a little stricter and error on any SSL_ERROR_SYSCALL. For example a server may have closed the connection abruptly without a close_notify alert. For compatibility with older peers we don't do this by default. https://github.com/curl/curl/issues/4624 We can use this to gauge how many users may be affected, and if it goes ok eventually transition to allow in dev and release with the newest OpenSSL: #if (OPENSSL_VERSION_NUMBER >= 0x10101000L)" so will disable this in a new Cygwin release which will be uploaded soon. *Curl users should be aware that deviations from strict protocol are deprecated and will be reported as errors unconditionally in a near future release.* -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada This email may be disturbing to some readers as it contains too much technical detail. Reader discretion is advised. [Data in binary units and prefixes, physical quantities in SI.] -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple