>> Maybe you could create handle pool? App would get handle from it or
>> create new one if pool is empty, and returned handle to the pool instead
>> of destroying it.
>
>Well, I will for sure look at the issue.
>I can see that we partially re-use the handle. It's alive throughout the whole
> So CURLOPT_POSTFIELDSIZE wasn't set?
Well, yeah, but the story is deeper.
Thanks to fixing the request, we were now able to stream the data, instead of
buffering everything first.
--
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette:
> Maybe you could create handle pool? App would get handle from it or
> create new one if pool is empty, and returned handle to the pool instead
> of destroying it.
Well, I will for sure look at the issue.
I can see that we partially re-use the handle. It's alive throughout the whole
incoming
> That's also basically what the CA caching does.
The caching does a bit more - it stores the parsed bundle.
> If you ask me, that's almost like begging for problems since you then ditch
> the caches and ruins the ability to do things faster in subsequent transfers,
> over and over.
Agree
> This is not the only performance regression people have found and reported on
> OpenSSL 3.x. Luckily, we support lots of other libraries as well.
Yeah, I'm aware.
I maybe could live the other perf. regressions, even though they altogether
cost me ~30% drop in rq/s,
but that one was hge.
Hi All,
first, I know this is not really a curl issue per se, but I wanted to draw
attention to the problem.
After I upgraded a bunch of libraries in our project, our customers noticed
slowness in HTTP requests. I have profiled it, and 84% of the time was spent in
fgets(...) reading the
> I have a scenario where in when a file is uploaded to the server, if the file
> fully exists on the server with matching etag, the server responds back with
> a 200 and closes the connection without actually reading the data being
> uploaded. But unfortunately on libcurl this response is
> HTTP3:no (--with-ngtcp2, --with-quiche --with-msh3)
> ...
> Features: AsynchDNS HSTS HTTP2 HTTP3 HTTPS-proxy IPv6
It looks like the configure script does not agree with itself if HTTP3 should
be enabled or not.
--
Unsubscribe:
> The "encryption" then wouldn't have to be complicated and could use a randomly
> generated "key", probably created when the handle is created.
That looks reasonable. Random key is harder to find in any memory dump.
Especially if not base64-encoded or something like that.
> Of course, since
> I have tried to specify libraries and folders as
> ```
> set(MBEDTLS_INCLUDE_DIRS "something I thought make sense" CACHE STRING "blah
> foo" FORCE)
> set(MBEDTLS_LIBRARY "something I thought make sense" CACHE STRING "blah foo"
> FORCE)
> set(MBEDX509_LIBRARY "something I thought make sense"
> I finally could build curl with SSL support on Windows.
> First I tried linking against a fresh OpenSSL build, but I kept getting
> linker error, and eventually I found the way.
> In the CMAKE configuration step, all I had to do is check the
> CURL_USE_SCHANNEL option and bingo! It seems
> Gentoo's ebuild of curl has more than 30 use flags, where most of them are
> disabled by default. So the curl features are not available to Gentoo users
> until they rebuild curl with the corresponding use flags enabled, and nobody
> freaks out about it.
That's not a good comparison - Gentoo
> From: curl-library on behalf of Anders
> Gustafsson via curl-library
> Sent: 28 February 2022 08:12
> To: curl-library@lists.haxx.se
> Cc: Anders Gustafsson
> Subject: Is it possible to use curl to sign an XML payload with a certificate?
>
> Ie, sign an XML file before sending ith with
> It isn't directly a RCE, but it seems like that might be a possibility -- say
> some process
> was using FTP/STARTTLS to download a script to run. If a MITM can interject
> content
> as the top of that script, that could be unpleasant.
Sorry but with that logic almost everything becomes an
14 matches
Mail list logo
