Make WordPress Core

Opened 3 years ago

Closed 8 months ago

#54588 closed defect (bug) (reported-upstream)

cURL incompatibility with Kaspersky (kesl)

Reported by: mirkolofio's profile mirkolofio Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: General Keywords:
Focuses: Cc:


I'm facing an issue with some servers having kesl service (Kaspersky) installed and running.

Sometimes wp_remote_* calls fails with error:

Scaricamento del pacchetto di installazione da
Warning: Il download non è andato a buon fine. "cURL error 18: transfer closed with 332690 bytes remaining to read"

The number of bytes is completely randomic.

Since it's not consistent, I've prepared this script to be run over and over (without wp-cli cache of course):

while :; do  wp plugin install jetpack && wp plugin delete jetpack && rm -rf /root/.wp-cli/cache/*; done

After digging a lot into WpOrg\Requests\Transport\cURL implementation I've found these lines being the cause of the issue:

// Force closing the connection for old versions of cURL (<7.22).
if (!isset($headers['Connection'])) {
        $headers['Connection'] = 'close';

Disabling these lines, the issue disappear. Why aren't we checking the cURL version here?

I would then suggest these changes:
1) Add a new const const CURL_7_22_0 = 0x071600
2) Check the version and add that header only if needed

Change History (10)

This ticket was mentioned in PR #2013 on WordPress/wordpress-develop by mircobabini.

3 years ago

  • Keywords has-patch added

#3 @hellofromTonya
3 years ago

  • Keywords has-patch removed
  • Milestone Awaiting Review deleted
  • Resolution set to reported-upstream
  • Status changed from new to closed

Hello @mirkolofio,

Welcome to WordPress Core's Trac. Thank you for this report.

WordPress Core is a consumer of the Requests library, meaning this library is an external dependency. It's maintained by the Requests library and not by WordPress Core. You can report issues with Requests by going here to their Issues interface.

Some notes to help:

  • Closing the cURL < 7.22 was introduced in Requests version 1.7 in 2016 in this commit and PR with this explanation:

    cURL <7.22 seems to hold the request open if the connection is keep-alive and the buffer hasn't been filled. Changing to single connections is slightly less efficient (although unnoticable in most uses), but should fix this issue.

What are the next steps?

Please open an issue in the Requests library. See the Contribute instructions in the Requests library. For the PR, please fork the Requests repository and submit the PR to that repository.

I'll close this ticket as reported upstream.

#5 @jrf
10 months ago

FYI: The fix for this will be included in the Requests 2.0.8 release.

This ticket was mentioned in Slack in #hosting by baxbridge. View the logs.

8 months ago

This ticket was mentioned in Slack in #core-upgrade-install by afragen. View the logs.

8 months ago

#8 @schlessera
8 months ago

The fix for this was reverted again with Requests 2.0.9 as it caused issues with curl 7.29.

Related ticket: #59842

#9 @jrf
8 months ago

  • Resolution reported-upstream deleted
  • Status changed from closed to reopened

#10 @jrf
8 months ago

  • Resolution set to reported-upstream
  • Status changed from reopened to closed

Sorry, issue should still be closed as it needs a fix upstream.

Note: See TracTickets for help on using tickets.