mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-12-15 06:40:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

TODO: Schannel: 'Add option to allow abrupt server closure'

Browse Source 
We should offer an option to allow abrupt server closures (server closes
SSL transfer without sending a known termination point such as length of
transfer or close_notify alert). Abrupt server closures are usually
because of misconfigured or very old servers.

Closes https://github.com/curl/curl/issues/4427
This commit is contained in:
Jay Satiro 2020-07-30 12:25:05 -04:00
parent a12a16151a
commit 40909c405b
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/TODO
View File

@ -123,6 +123,7 @@
15.1 Extend support for client certificate authentication
15.2 Extend support for the --ciphers option
15.3 Add option to disable client certificate auto-send
15.4 Add option to allow abrupt server closure
16. SASL
16.1 Other authentication mechanisms
@ -842,6 +843,15 @@ that doesn't exist on the server, just like --ftp-create-dirs.
https://github.com/curl/curl/issues/2262
15.4 Add option to allow abrupt server closure
libcurl w/schannel will error without a known termination point from the
server (such as length of transfer, or SSL "close notify" alert) to prevent
against a truncation attack. Really old servers may neglect to send any
termination point. An option could be added to ignore such abrupt closures.
https://github.com/curl/curl/issues/4427
16. SASL
16.1 Other authentication mechanisms