Kevin Baughman | 30 Dec 17:43 2009

Curl timeouts issue in NSS

Hi All,

I had sent some email before that I was seeing unwanted retries in curl, and thought it was a result of the connection cache.  I've spent a few days debugging a very bizzare case where a server we are talking to is seeing data sent twice.  While debugging I spent some time digging into the curl perform stack for a POST.  There seems to be an issue in nss.c that might resend data in the case of a timeout.  I'm not completely sure if this is our issue, but it seems wrong to me. 

In the function Curl_nss_send():

  rc = PR_Send(conn->ssl[sockindex].handle, mem, (int)len, 0, timeout);

  if(rc < 0) {
    err = PR_GetError();

    if(err == PR_IO_TIMEOUT_ERROR) {
      failf(data, "SSL connection timeout");

    failf(conn->data, "SSL write: error %d", err);
    return -1;

This function says it returns the number of bytes actually sent, but I think CURLE_OPERATION_TIMEDOUT is 28.  Unless I am missing something, when I walk back up the stack the code would assume that 28 bytes have been sent and then continue sending the rest.  The same issue exists in Curl_nss_recv. 

I'm attaching a patch to return -1 in this case. 


Attachment (curl-7.19.7-nss-timeout.patch): application/octet-stream, 1554 bytes
List admin: