[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnurl] 206/222: schannel_verify: Fix concurrent openings of CA file
|
From: |
gnunet |
|
Subject: |
[gnurl] 206/222: schannel_verify: Fix concurrent openings of CA file |
|
Date: |
Thu, 07 Nov 2019 00:11:42 +0100 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 9c49824902834bb12e26e66f4a8db74f4b9ea217
Author: Jay Satiro <address@hidden>
AuthorDate: Fri Nov 1 18:02:59 2019 -0400
schannel_verify: Fix concurrent openings of CA file
- Open the CA file using FILE_SHARE_READ mode so that others can read
from it as well.
Prior to this change our schannel code opened the CA file without
sharing which meant concurrent openings (eg an attempt from another
thread or process) would fail during the time it was open without
sharing, which in curl's case would cause error:
"schannel: failed to open CA file".
Bug: https://curl.haxx.se/mail/lib-2019-10/0104.html
Reported-by: Richard Alcock
---
lib/vtls/schannel_verify.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c
index 5a09e969e..1bdf50a55 100644
--- a/lib/vtls/schannel_verify.c
+++ b/lib/vtls/schannel_verify.c
@@ -111,7 +111,7 @@ static CURLcode add_certs_to_store(HCERTSTORE trust_store,
*/
ca_file_handle = CreateFile(ca_file_tstr,
GENERIC_READ,
- 0,
+ FILE_SHARE_READ,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
--
To stop receiving notification emails like this one, please contact
address@hidden.
- [gnurl] 217/222: awk., (continued)
- [gnurl] 217/222: awk., gnunet, 2019/11/06
- [gnurl] 219/222: include., gnunet, 2019/11/06
- [gnurl] 212/222: RELEASE-NOTES: synced, gnunet, 2019/11/06
- [gnurl] 222/222: minor, gnunet, 2019/11/06
- [gnurl] 215/222: awk, gnunet, 2019/11/06
- [gnurl] 175/222: tool_operate: Fix retry sleep time shown to user when Retry-After, gnunet, 2019/11/06
- [gnurl] 186/222: tests: add `connect to non-listen` keywords, gnunet, 2019/11/06
- [gnurl] 191/222: appveyor: Use two parallel compilation on appveyor with CMake, gnunet, 2019/11/06
- [gnurl] 196/222: HTTP3: fix Windows build, gnunet, 2019/11/06
- [gnurl] 195/222: appveyor: add --disable-proxy autotools build, gnunet, 2019/11/06
- [gnurl] 206/222: schannel_verify: Fix concurrent openings of CA file,
gnunet <=
- [gnurl] 218/222: rm sed.sh, add man_lint.sh to Makefile., gnunet, 2019/11/06
- [gnurl] 202/222: INSTALL: add missing space for configure commands, gnunet, 2019/11/06
- [gnurl] 211/222: THANKS: add new names from 7.67.0, gnunet, 2019/11/06
- [gnurl] 220/222: name, include., gnunet, 2019/11/06
- [gnurl] 209/222: certs/Server-localhost-lastSAN-sv: regenerate with sha256, gnunet, 2019/11/06
- [gnurl] 208/222: copyrights: update all copyright notices to 2019 on files changed this year, gnunet, 2019/11/06
- [gnurl] 221/222: Makefile.inc, gnunet, 2019/11/06
- [gnurl] 200/222: examples: remove the "this exact code has not been verified", gnunet, 2019/11/06
- [gnurl] 213/222: Merge tag 'curl-7_67_0', gnunet, 2019/11/06