1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 ***************************************************************************/
23 #include "curl_setup.h"
25 #ifdef HAVE_NETINET_IN_H
26 #include <netinet/in.h>
31 #ifdef HAVE_ARPA_INET_H
32 #include <arpa/inet.h>
37 #ifdef HAVE_SYS_IOCTL_H
38 #include <sys/ioctl.h>
41 #ifdef HAVE_SYS_PARAM_H
42 #include <sys/param.h>
55 #error "We can't compile without socket() support!"
63 #elif defined(USE_WIN32_IDN)
64 /* prototype for curl_win32_idn_to_ascii() */
65 bool curl_win32_idn_to_ascii(const char *in, char **out);
66 #elif defined(USE_ICU_IDNA)
67 #include <unicode/uidna.h>
68 #endif /* USE_LIBIDN2 */
75 #include "vtls/vtls.h"
86 #include "content_encoding.h"
87 #include "http_digest.h"
88 #include "http_negotiate.h"
92 #include "speedcheck.h"
94 #include "non-ascii.h"
95 #include "inet_pton.h"
98 /* And now for the protocols */
106 #include "curl_ldap.h"
111 #include "inet_ntop.h"
112 #include "http_ntlm.h"
113 #include "curl_ntlm_wb.h"
115 #include "curl_rtmp.h"
117 #include "http_proxy.h"
118 #include "conncache.h"
119 #include "multihandle.h"
120 #include "pipeline.h"
125 /* The last 3 #include files should be in this order */
126 #include "curl_printf.h"
127 #include "curl_memory.h"
128 #include "memdebug.h"
130 #if defined(USE_ICU_IDNA)
131 #define MAX_DOMAIN_NAME_LEN 256
132 #endif /* USE_ICU_IDNA */
134 static void conn_free(struct connectdata *conn);
135 static void free_fixed_hostname(struct hostname *host);
136 static void signalPipeClose(struct curl_llist *pipeline, bool pipe_broke);
137 static CURLcode parse_url_login(struct Curl_easy *data,
138 struct connectdata *conn,
139 char **userptr, char **passwdptr,
141 static unsigned int get_protocol_family(unsigned int protocol);
143 /* Some parts of the code (e.g. chunked encoding) assume this buffer has at
144 * more than just a few bytes to play with. Don't let it become too small or
145 * bad things will happen.
147 #if READBUFFER_SIZE < READBUFFER_MIN
148 # error READBUFFER_SIZE is too small
156 static const struct Curl_handler * const protocols[] = {
158 #ifndef CURL_DISABLE_HTTP
162 #if defined(USE_SSL) && !defined(CURL_DISABLE_HTTP)
166 #ifndef CURL_DISABLE_FTP
170 #if defined(USE_SSL) && !defined(CURL_DISABLE_FTP)
174 #ifndef CURL_DISABLE_TELNET
175 &Curl_handler_telnet,
178 #ifndef CURL_DISABLE_DICT
182 #ifndef CURL_DISABLE_LDAP
184 #if !defined(CURL_DISABLE_LDAPS) && \
185 ((defined(USE_OPENLDAP) && defined(USE_SSL)) || \
186 (!defined(USE_OPENLDAP) && defined(HAVE_LDAP_SSL)))
191 #ifndef CURL_DISABLE_FILE
195 #ifndef CURL_DISABLE_TFTP
199 #if defined(USE_LIBSSH2) || defined(USE_LIBSSH)
203 #if defined(USE_LIBSSH2) || defined(USE_LIBSSH)
207 #ifndef CURL_DISABLE_IMAP
214 #ifndef CURL_DISABLE_POP3
221 #if !defined(CURL_DISABLE_SMB) && defined(USE_NTLM) && \
222 (CURL_SIZEOF_CURL_OFF_T > 4) && \
223 (!defined(USE_WINDOWS_SSPI) || defined(USE_WIN32_CRYPTO))
230 #ifndef CURL_DISABLE_SMTP
237 #ifndef CURL_DISABLE_RTSP
241 #ifndef CURL_DISABLE_GOPHER
242 &Curl_handler_gopher,
249 &Curl_handler_rtmpte,
251 &Curl_handler_rtmpts,
254 (struct Curl_handler *) NULL
258 * Dummy handler for undefined protocol schemes.
261 static const struct Curl_handler Curl_handler_dummy = {
262 "<no protocol>", /* scheme */
263 ZERO_NULL, /* setup_connection */
264 ZERO_NULL, /* do_it */
265 ZERO_NULL, /* done */
266 ZERO_NULL, /* do_more */
267 ZERO_NULL, /* connect_it */
268 ZERO_NULL, /* connecting */
269 ZERO_NULL, /* doing */
270 ZERO_NULL, /* proto_getsock */
271 ZERO_NULL, /* doing_getsock */
272 ZERO_NULL, /* domore_getsock */
273 ZERO_NULL, /* perform_getsock */
274 ZERO_NULL, /* disconnect */
275 ZERO_NULL, /* readwrite */
276 ZERO_NULL, /* connection_check */
279 PROTOPT_NONE /* flags */
282 void Curl_freeset(struct Curl_easy *data)
284 /* Free all dynamic strings stored in the data->set substructure. */
286 for(i = (enum dupstring)0; i < STRING_LAST; i++) {
287 Curl_safefree(data->set.str[i]);
290 if(data->change.referer_alloc) {
291 Curl_safefree(data->change.referer);
292 data->change.referer_alloc = FALSE;
294 data->change.referer = NULL;
295 if(data->change.url_alloc) {
296 Curl_safefree(data->change.url);
297 data->change.url_alloc = FALSE;
299 data->change.url = NULL;
301 Curl_mime_cleanpart(&data->set.mimepost);
305 * This is the internal function curl_easy_cleanup() calls. This should
306 * cleanup and free all resources associated with this sessionhandle.
308 * NOTE: if we ever add something that attempts to write to a socket or
309 * similar here, we must ignore SIGPIPE first. It is currently only done
310 * when curl_easy_perform() is invoked.
313 CURLcode Curl_close(struct Curl_easy *data)
315 struct Curl_multi *m;
320 Curl_expire_clear(data); /* shut off timers */
325 /* This handle is still part of a multi handle, take care of this first
326 and detach this handle from there. */
327 curl_multi_remove_handle(data->multi, data);
330 /* when curl_easy_perform() is used, it creates its own multi handle to
331 use and this is the one */
332 curl_multi_cleanup(data->multi_easy);
334 /* Destroy the timeout list that is held in the easy handle. It is
335 /normally/ done by curl_multi_remove_handle() but this is "just in
337 Curl_llist_destroy(&data->state.timeoutlist, NULL);
339 data->magic = 0; /* force a clear AFTER the possibly enforced removal from
340 the multi handle, since that function uses the magic
343 if(data->state.rangestringalloc)
344 free(data->state.range);
346 /* Free the pathbuffer */
347 Curl_safefree(data->state.pathbuffer);
348 data->state.path = NULL;
350 /* freed here just in case DONE wasn't called */
351 Curl_free_request_state(data);
353 /* Close down all open SSL info and sessions */
354 Curl_ssl_close_all(data);
355 Curl_safefree(data->state.first_host);
356 Curl_safefree(data->state.scratch);
357 Curl_ssl_free_certinfo(data);
359 /* Cleanup possible redirect junk */
360 free(data->req.newurl);
361 data->req.newurl = NULL;
363 if(data->change.referer_alloc) {
364 Curl_safefree(data->change.referer);
365 data->change.referer_alloc = FALSE;
367 data->change.referer = NULL;
369 if(data->change.url_alloc) {
370 Curl_safefree(data->change.url);
371 data->change.url_alloc = FALSE;
373 data->change.url = NULL;
375 Curl_safefree(data->state.buffer);
376 Curl_safefree(data->state.headerbuff);
378 Curl_flush_cookies(data, 1);
380 Curl_digest_cleanup(data);
382 Curl_safefree(data->info.contenttype);
383 Curl_safefree(data->info.wouldredirect);
385 /* this destroys the channel and we cannot use it anymore after this */
386 Curl_resolver_cleanup(data->state.resolver);
388 Curl_http2_cleanup_dependencies(data);
389 Curl_convert_close(data);
391 /* No longer a dirty share, if it exists */
393 Curl_share_lock(data, CURL_LOCK_DATA_SHARE, CURL_LOCK_ACCESS_SINGLE);
394 data->share->dirty--;
395 Curl_share_unlock(data, CURL_LOCK_DATA_SHARE);
398 /* destruct wildcard structures if it is needed */
399 Curl_wildcard_dtor(&data->wildcard);
406 * Initialize the UserDefined fields within a Curl_easy.
407 * This may be safely called on a new or existing Curl_easy.
409 CURLcode Curl_init_userdefined(struct Curl_easy *data)
411 struct UserDefined *set = &data->set;
412 CURLcode result = CURLE_OK;
414 set->out = stdout; /* default output to stdout */
415 set->in_set = stdin; /* default input from stdin */
416 set->err = stderr; /* default stderr to stderr */
418 /* use fwrite as default function to store output */
419 set->fwrite_func = (curl_write_callback)fwrite;
421 /* use fread as default function to read input */
422 set->fread_func_set = (curl_read_callback)fread;
423 set->is_fread_set = 0;
424 set->is_fwrite_set = 0;
426 set->seek_func = ZERO_NULL;
427 set->seek_client = ZERO_NULL;
429 /* conversion callbacks for non-ASCII hosts */
430 set->convfromnetwork = ZERO_NULL;
431 set->convtonetwork = ZERO_NULL;
432 set->convfromutf8 = ZERO_NULL;
434 set->filesize = -1; /* we don't know the size */
435 set->postfieldsize = -1; /* unknown size */
436 set->maxredirs = -1; /* allow any amount by default */
438 set->httpreq = HTTPREQ_GET; /* Default HTTP request */
439 set->rtspreq = RTSPREQ_OPTIONS; /* Default RTSP request */
440 set->ftp_use_epsv = TRUE; /* FTP defaults to EPSV operations */
441 set->ftp_use_eprt = TRUE; /* FTP defaults to EPRT operations */
442 set->ftp_use_pret = FALSE; /* mainly useful for drftpd servers */
443 set->ftp_filemethod = FTPFILE_MULTICWD;
445 set->dns_cache_timeout = 60; /* Timeout every 60 seconds by default */
447 /* Set the default size of the SSL session ID cache */
448 set->general_ssl.max_ssl_sessions = 5;
451 set->proxytype = CURLPROXY_HTTP; /* defaults to HTTP proxy */
452 set->httpauth = CURLAUTH_BASIC; /* defaults to basic */
453 set->proxyauth = CURLAUTH_BASIC; /* defaults to basic */
455 /* SOCKS5 proxy auth defaults to username/password + GSS-API */
456 set->socks5auth = CURLAUTH_BASIC | CURLAUTH_GSSAPI;
458 /* make libcurl quiet by default: */
459 set->hide_progress = TRUE; /* CURLOPT_NOPROGRESS changes these */
461 Curl_mime_initpart(&set->mimepost, data);
464 * libcurl 7.10 introduced SSL verification *by default*! This needs to be
465 * switched off unless wanted.
467 set->ssl.primary.verifypeer = TRUE;
468 set->ssl.primary.verifyhost = TRUE;
470 set->ssl.authtype = CURL_TLSAUTH_NONE;
472 set->ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
474 set->ssl.primary.sessionid = TRUE; /* session ID caching enabled by
476 set->proxy_ssl = set->ssl;
478 set->new_file_perms = 0644; /* Default permissions */
479 set->new_directory_perms = 0755; /* Default permissions */
481 /* for the *protocols fields we don't use the CURLPROTO_ALL convenience
482 define since we internally only use the lower 16 bits for the passed
483 in bitmask to not conflict with the private bits */
484 set->allowed_protocols = CURLPROTO_ALL;
485 set->redir_protocols = CURLPROTO_ALL & /* All except FILE, SCP and SMB */
486 ~(CURLPROTO_FILE | CURLPROTO_SCP | CURLPROTO_SMB |
489 #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
491 * disallow unprotected protection negotiation NEC reference implementation
492 * seem not to follow rfc1961 section 4.3/4.4
494 set->socks5_gssapi_nec = FALSE;
497 /* This is our preferred CA cert bundle/path since install time */
498 #if defined(CURL_CA_BUNDLE)
499 result = Curl_setstropt(&set->str[STRING_SSL_CAFILE_ORIG], CURL_CA_BUNDLE);
503 result = Curl_setstropt(&set->str[STRING_SSL_CAFILE_PROXY], CURL_CA_BUNDLE);
507 #if defined(CURL_CA_PATH)
508 result = Curl_setstropt(&set->str[STRING_SSL_CAPATH_ORIG], CURL_CA_PATH);
512 result = Curl_setstropt(&set->str[STRING_SSL_CAPATH_PROXY], CURL_CA_PATH);
517 set->wildcard_enabled = FALSE;
518 set->chunk_bgn = ZERO_NULL;
519 set->chunk_end = ZERO_NULL;
521 /* tcp keepalives are disabled by default, but provide reasonable values for
522 * the interval and idle times.
524 set->tcp_keepalive = FALSE;
525 set->tcp_keepintvl = 60;
526 set->tcp_keepidle = 60;
527 set->tcp_fastopen = FALSE;
528 set->tcp_nodelay = TRUE;
530 set->ssl_enable_npn = TRUE;
531 set->ssl_enable_alpn = TRUE;
533 set->expect_100_timeout = 1000L; /* Wait for a second by default. */
534 set->sep_headers = TRUE; /* separated header lists by default */
535 set->buffer_size = READBUFFER_SIZE;
536 set->happy_eyeballs_timeout = CURL_HET_DEFAULT;
538 Curl_http2_init_userset(set);
545 * @param curl is a pointer to a sessionhandle pointer that gets set by this
550 CURLcode Curl_open(struct Curl_easy **curl)
553 struct Curl_easy *data;
555 /* Very simple start-up: alloc the struct, init it with zeroes and return */
556 data = calloc(1, sizeof(struct Curl_easy));
558 /* this is a very serious error */
559 DEBUGF(fprintf(stderr, "Error: calloc of Curl_easy failed\n"));
560 return CURLE_OUT_OF_MEMORY;
563 data->magic = CURLEASY_MAGIC_NUMBER;
565 result = Curl_resolver_init(&data->state.resolver);
567 DEBUGF(fprintf(stderr, "Error: resolver_init failed\n"));
572 /* We do some initial setup here, all those fields that can't be just 0 */
574 data->state.buffer = malloc(READBUFFER_SIZE + 1);
575 if(!data->state.buffer) {
576 DEBUGF(fprintf(stderr, "Error: malloc of buffer failed\n"));
577 result = CURLE_OUT_OF_MEMORY;
580 data->state.headerbuff = malloc(HEADERSIZE);
581 if(!data->state.headerbuff) {
582 DEBUGF(fprintf(stderr, "Error: malloc of headerbuff failed\n"));
583 result = CURLE_OUT_OF_MEMORY;
586 result = Curl_init_userdefined(data);
588 data->state.headersize = HEADERSIZE;
589 Curl_convert_init(data);
592 /* most recent connection is not yet defined */
593 data->state.lastconnect = NULL;
595 data->progress.flags |= PGRS_HIDE;
596 data->state.current_speed = -1; /* init to negative == impossible */
597 data->set.fnmatch = ZERO_NULL;
598 data->set.maxconnects = DEFAULT_CONNCACHE_SIZE; /* for easy handles */
600 Curl_http2_init_state(&data->state);
605 Curl_resolver_cleanup(data->state.resolver);
606 free(data->state.buffer);
607 free(data->state.headerbuff);
618 #ifdef USE_RECV_BEFORE_SEND_WORKAROUND
619 static void conn_reset_postponed_data(struct connectdata *conn, int num)
621 struct postponed_data * const psnd = &(conn->postponed[num]);
623 DEBUGASSERT(psnd->allocated_size > 0);
624 DEBUGASSERT(psnd->recv_size <= psnd->allocated_size);
625 DEBUGASSERT(psnd->recv_size ?
626 (psnd->recv_processed < psnd->recv_size) :
627 (psnd->recv_processed == 0));
628 DEBUGASSERT(psnd->bindsock != CURL_SOCKET_BAD);
631 psnd->allocated_size = 0;
633 psnd->recv_processed = 0;
635 psnd->bindsock = CURL_SOCKET_BAD; /* used only for DEBUGASSERT */
636 #endif /* DEBUGBUILD */
639 DEBUGASSERT(psnd->allocated_size == 0);
640 DEBUGASSERT(psnd->recv_size == 0);
641 DEBUGASSERT(psnd->recv_processed == 0);
642 DEBUGASSERT(psnd->bindsock == CURL_SOCKET_BAD);
646 static void conn_reset_all_postponed_data(struct connectdata *conn)
648 conn_reset_postponed_data(conn, 0);
649 conn_reset_postponed_data(conn, 1);
651 #else /* ! USE_RECV_BEFORE_SEND_WORKAROUND */
652 /* Use "do-nothing" macro instead of function when workaround not used */
653 #define conn_reset_all_postponed_data(c) do {} WHILE_FALSE
654 #endif /* ! USE_RECV_BEFORE_SEND_WORKAROUND */
656 static void conn_free(struct connectdata *conn)
661 /* possible left-overs from the async name resolvers */
662 Curl_resolver_cancel(conn);
664 /* close the SSL stuff before we close any sockets since they will/may
665 write to the sockets */
666 Curl_ssl_close(conn, FIRSTSOCKET);
667 Curl_ssl_close(conn, SECONDARYSOCKET);
669 /* close possibly still open sockets */
670 if(CURL_SOCKET_BAD != conn->sock[SECONDARYSOCKET])
671 Curl_closesocket(conn, conn->sock[SECONDARYSOCKET]);
672 if(CURL_SOCKET_BAD != conn->sock[FIRSTSOCKET])
673 Curl_closesocket(conn, conn->sock[FIRSTSOCKET]);
674 if(CURL_SOCKET_BAD != conn->tempsock[0])
675 Curl_closesocket(conn, conn->tempsock[0]);
676 if(CURL_SOCKET_BAD != conn->tempsock[1])
677 Curl_closesocket(conn, conn->tempsock[1]);
679 #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \
680 defined(NTLM_WB_ENABLED)
681 Curl_ntlm_wb_cleanup(conn);
684 Curl_safefree(conn->user);
685 Curl_safefree(conn->passwd);
686 Curl_safefree(conn->oauth_bearer);
687 Curl_safefree(conn->options);
688 Curl_safefree(conn->http_proxy.user);
689 Curl_safefree(conn->socks_proxy.user);
690 Curl_safefree(conn->http_proxy.passwd);
691 Curl_safefree(conn->socks_proxy.passwd);
692 Curl_safefree(conn->allocptr.proxyuserpwd);
693 Curl_safefree(conn->allocptr.uagent);
694 Curl_safefree(conn->allocptr.userpwd);
695 Curl_safefree(conn->allocptr.accept_encoding);
696 Curl_safefree(conn->allocptr.te);
697 Curl_safefree(conn->allocptr.rangeline);
698 Curl_safefree(conn->allocptr.ref);
699 Curl_safefree(conn->allocptr.host);
700 Curl_safefree(conn->allocptr.cookiehost);
701 Curl_safefree(conn->allocptr.rtsp_transport);
702 Curl_safefree(conn->trailer);
703 Curl_safefree(conn->host.rawalloc); /* host name buffer */
704 Curl_safefree(conn->conn_to_host.rawalloc); /* host name buffer */
705 Curl_safefree(conn->secondaryhostname);
706 Curl_safefree(conn->http_proxy.host.rawalloc); /* http proxy name buffer */
707 Curl_safefree(conn->socks_proxy.host.rawalloc); /* socks proxy name buffer */
708 Curl_safefree(conn->master_buffer);
709 Curl_safefree(conn->connect_state);
711 conn_reset_all_postponed_data(conn);
713 Curl_llist_destroy(&conn->send_pipe, NULL);
714 Curl_llist_destroy(&conn->recv_pipe, NULL);
716 Curl_safefree(conn->localdev);
717 Curl_free_primary_ssl_config(&conn->ssl_config);
718 Curl_free_primary_ssl_config(&conn->proxy_ssl_config);
720 #ifdef USE_UNIX_SOCKETS
721 Curl_safefree(conn->unix_domain_socket);
725 Curl_safefree(conn->ssl_extra);
727 free(conn); /* free all the connection oriented data */
731 * Disconnects the given connection. Note the connection may not be the
732 * primary connection, like when freeing room in the connection cache or
733 * killing of a dead old connection.
735 * This function MUST NOT reset state in the Curl_easy struct if that
736 * isn't strictly bound to the life-time of *this* particular connection.
740 CURLcode Curl_disconnect(struct connectdata *conn, bool dead_connection)
742 struct Curl_easy *data;
744 return CURLE_OK; /* this is closed and fine already */
748 DEBUGF(fprintf(stderr, "DISCONNECT without easy handle, ignoring\n"));
753 * If this connection isn't marked to force-close, leave it open if there
754 * are other users of it
756 if(!conn->bits.close &&
757 (conn->send_pipe.size + conn->recv_pipe.size)) {
758 DEBUGF(infof(data, "Curl_disconnect, usecounter: %d\n",
759 conn->send_pipe.size + conn->recv_pipe.size));
763 if(conn->dns_entry != NULL) {
764 Curl_resolv_unlock(data, conn->dns_entry);
765 conn->dns_entry = NULL;
768 Curl_hostcache_prune(data); /* kill old DNS cache entries */
770 #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM)
771 /* Cleanup NTLM connection-related data */
772 Curl_http_ntlm_cleanup(conn);
775 if(conn->handler->disconnect)
776 /* This is set if protocol-specific cleanups should be made */
777 conn->handler->disconnect(conn, dead_connection);
779 /* unlink ourselves! */
780 infof(data, "Closing connection %ld\n", conn->connection_id);
781 Curl_conncache_remove_conn(conn, TRUE);
783 free_fixed_hostname(&conn->host);
784 free_fixed_hostname(&conn->conn_to_host);
785 free_fixed_hostname(&conn->http_proxy.host);
786 free_fixed_hostname(&conn->socks_proxy.host);
788 Curl_ssl_close(conn, FIRSTSOCKET);
790 /* Indicate to all handles on the pipe that we're dead */
791 if(Curl_pipeline_wanted(data->multi, CURLPIPE_ANY)) {
792 signalPipeClose(&conn->send_pipe, TRUE);
793 signalPipeClose(&conn->recv_pipe, TRUE);
802 * This function should return TRUE if the socket is to be assumed to
803 * be dead. Most commonly this happens when the server has closed the
804 * connection due to inactivity.
806 static bool SocketIsDead(curl_socket_t sock)
811 sval = SOCKET_READABLE(sock, 0);
820 * IsPipeliningPossible()
822 * Return a bitmask with the available pipelining and multiplexing options for
823 * the given requested connection.
825 static int IsPipeliningPossible(const struct Curl_easy *handle,
826 const struct connectdata *conn)
830 /* If a HTTP protocol and pipelining is enabled */
831 if((conn->handler->protocol & PROTO_FAMILY_HTTP) &&
832 (!conn->bits.protoconnstart || !conn->bits.close)) {
834 if(Curl_pipeline_wanted(handle->multi, CURLPIPE_HTTP1) &&
835 (handle->set.httpversion != CURL_HTTP_VERSION_1_0) &&
836 (handle->set.httpreq == HTTPREQ_GET ||
837 handle->set.httpreq == HTTPREQ_HEAD))
838 /* didn't ask for HTTP/1.0 and a GET or HEAD */
839 avail |= CURLPIPE_HTTP1;
841 if(Curl_pipeline_wanted(handle->multi, CURLPIPE_MULTIPLEX) &&
842 (handle->set.httpversion >= CURL_HTTP_VERSION_2))
844 avail |= CURLPIPE_MULTIPLEX;
849 int Curl_removeHandleFromPipeline(struct Curl_easy *handle,
850 struct curl_llist *pipeline)
853 struct curl_llist_element *curr;
855 curr = pipeline->head;
857 if(curr->ptr == handle) {
858 Curl_llist_remove(pipeline, curr, NULL);
859 return 1; /* we removed a handle */
868 #if 0 /* this code is saved here as it is useful for debugging purposes */
869 static void Curl_printPipeline(struct curl_llist *pipeline)
871 struct curl_llist_element *curr;
873 curr = pipeline->head;
875 struct Curl_easy *data = (struct Curl_easy *) curr->ptr;
876 infof(data, "Handle in pipeline: %s\n", data->state.path);
882 static struct Curl_easy* gethandleathead(struct curl_llist *pipeline)
884 struct curl_llist_element *curr = pipeline->head;
886 return (struct Curl_easy *) curr->ptr;
892 /* remove the specified connection from all (possible) pipelines and related
894 void Curl_getoff_all_pipelines(struct Curl_easy *data,
895 struct connectdata *conn)
897 bool recv_head = (conn->readchannel_inuse &&
898 Curl_recvpipe_head(data, conn));
899 bool send_head = (conn->writechannel_inuse &&
900 Curl_sendpipe_head(data, conn));
902 if(Curl_removeHandleFromPipeline(data, &conn->recv_pipe) && recv_head)
903 Curl_pipeline_leave_read(conn);
904 if(Curl_removeHandleFromPipeline(data, &conn->send_pipe) && send_head)
905 Curl_pipeline_leave_write(conn);
908 static void signalPipeClose(struct curl_llist *pipeline, bool pipe_broke)
910 struct curl_llist_element *curr;
915 curr = pipeline->head;
917 struct curl_llist_element *next = curr->next;
918 struct Curl_easy *data = (struct Curl_easy *) curr->ptr;
920 #ifdef DEBUGBUILD /* debug-only code */
921 if(data->magic != CURLEASY_MAGIC_NUMBER) {
923 infof(data, "signalPipeClose() found BAAD easy handle\n");
928 data->state.pipe_broke = TRUE;
929 Curl_multi_handlePipeBreak(data);
930 Curl_llist_remove(pipeline, curr, NULL);
936 proxy_info_matches(const struct proxy_info* data,
937 const struct proxy_info* needle)
939 if((data->proxytype == needle->proxytype) &&
940 (data->port == needle->port) &&
941 Curl_safe_strcasecompare(data->host.name, needle->host.name))
948 * This function checks if the given connection is dead and extracts it from
949 * the connection cache if so.
951 * When this is called as a Curl_conncache_foreach() callback, the connection
952 * cache lock is held!
954 * Returns TRUE if the connection was dead and extracted.
956 static bool extract_if_dead(struct connectdata *conn,
957 struct Curl_easy *data)
959 size_t pipeLen = conn->send_pipe.size + conn->recv_pipe.size;
960 if(!pipeLen && !conn->inuse) {
961 /* The check for a dead socket makes sense only if there are no
962 handles in pipeline and the connection isn't already marked in
966 if(conn->handler->connection_check) {
967 /* The protocol has a special method for checking the state of the
968 connection. Use it to check if the connection is dead. */
971 state = conn->handler->connection_check(conn, CONNCHECK_ISDEAD);
972 dead = (state & CONNRESULT_DEAD);
975 /* Use the general method for determining the death of a connection */
976 dead = SocketIsDead(conn->sock[FIRSTSOCKET]);
981 infof(data, "Connection %ld seems to be dead!\n", conn->connection_id);
982 Curl_conncache_remove_conn(conn, FALSE);
990 struct Curl_easy *data;
991 struct connectdata *extracted;
995 * Wrapper to use extract_if_dead() function in Curl_conncache_foreach()
998 static int call_extract_if_dead(struct connectdata *conn, void *param)
1000 struct prunedead *p = (struct prunedead *)param;
1001 if(extract_if_dead(conn, p->data)) {
1002 /* stop the iteration here, pass back the connection that was extracted */
1003 p->extracted = conn;
1006 return 0; /* continue iteration */
1010 * This function scans the connection cache for half-open/dead connections,
1011 * closes and removes them.
1012 * The cleanup is done at most once per second.
1014 static void prune_dead_connections(struct Curl_easy *data)
1016 struct curltime now = Curl_now();
1017 time_t elapsed = Curl_timediff(now, data->state.conn_cache->last_cleanup);
1019 if(elapsed >= 1000L) {
1020 struct prunedead prune;
1022 prune.extracted = NULL;
1023 while(Curl_conncache_foreach(data, data->state.conn_cache, &prune,
1024 call_extract_if_dead)) {
1026 (void)Curl_disconnect(prune.extracted, /* dead_connection */TRUE);
1028 data->state.conn_cache->last_cleanup = now;
1033 static size_t max_pipeline_length(struct Curl_multi *multi)
1035 return multi ? multi->max_pipeline_length : 0;
1040 * Given one filled in connection struct (named needle), this function should
1041 * detect if there already is one that has all the significant details
1042 * exactly the same and thus should be used instead.
1044 * If there is a match, this function returns TRUE - and has marked the
1045 * connection as 'in-use'. It must later be called with ConnectionDone() to
1046 * return back to 'idle' (unused) state.
1048 * The force_reuse flag is set if the connection must be used, even if
1049 * the pipelining strategy wants to open a new connection instead of reusing.
1052 ConnectionExists(struct Curl_easy *data,
1053 struct connectdata *needle,
1054 struct connectdata **usethis,
1058 struct connectdata *check;
1059 struct connectdata *chosen = 0;
1060 bool foundPendingCandidate = FALSE;
1061 int canpipe = IsPipeliningPossible(data, needle);
1062 struct connectbundle *bundle;
1065 bool wantNTLMhttp = ((data->state.authhost.want &
1066 (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
1067 (needle->handler->protocol & PROTO_FAMILY_HTTP));
1068 bool wantProxyNTLMhttp = (needle->bits.proxy_user_passwd &&
1069 ((data->state.authproxy.want &
1070 (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
1071 (needle->handler->protocol & PROTO_FAMILY_HTTP)));
1074 *force_reuse = FALSE;
1077 /* We can't pipeline if the site is blacklisted */
1078 if((canpipe & CURLPIPE_HTTP1) &&
1079 Curl_pipeline_site_blacklisted(data, needle))
1080 canpipe &= ~ CURLPIPE_HTTP1;
1082 /* Look up the bundle with all the connections to this particular host.
1083 Locks the connection cache, beware of early returns! */
1084 bundle = Curl_conncache_find_bundle(needle, data->state.conn_cache);
1086 /* Max pipe length is zero (unlimited) for multiplexed connections */
1087 size_t max_pipe_len = (bundle->multiuse != BUNDLE_MULTIPLEX)?
1088 max_pipeline_length(data->multi):0;
1089 size_t best_pipe_len = max_pipe_len;
1090 struct curl_llist_element *curr;
1092 infof(data, "Found bundle for host %s: %p [%s]\n",
1093 (needle->bits.conn_to_host ? needle->conn_to_host.name :
1094 needle->host.name), (void *)bundle,
1095 (bundle->multiuse == BUNDLE_PIPELINING ?
1097 (bundle->multiuse == BUNDLE_MULTIPLEX ?
1098 "can multiplex" : "serially")));
1100 /* We can't pipeline if we don't know anything about the server */
1102 if(bundle->multiuse <= BUNDLE_UNKNOWN) {
1103 if((bundle->multiuse == BUNDLE_UNKNOWN) && data->set.pipewait) {
1104 infof(data, "Server doesn't support multi-use yet, wait\n");
1106 Curl_conncache_unlock(needle);
1107 return FALSE; /* no re-use */
1110 infof(data, "Server doesn't support multi-use (yet)\n");
1113 if((bundle->multiuse == BUNDLE_PIPELINING) &&
1114 !Curl_pipeline_wanted(data->multi, CURLPIPE_HTTP1)) {
1115 /* not asked for, switch off */
1116 infof(data, "Could pipeline, but not asked to!\n");
1119 else if((bundle->multiuse == BUNDLE_MULTIPLEX) &&
1120 !Curl_pipeline_wanted(data->multi, CURLPIPE_MULTIPLEX)) {
1121 infof(data, "Could multiplex, but not asked to!\n");
1126 curr = bundle->conn_list.head;
1132 * Note that if we use a HTTP proxy in normal mode (no tunneling), we
1133 * check connections to that proxy and not to the actual remote server.
1138 if(extract_if_dead(check, data)) {
1140 (void)Curl_disconnect(check, /* dead_connection */TRUE);
1144 pipeLen = check->send_pipe.size + check->recv_pipe.size;
1147 if(check->bits.protoconnstart && check->bits.close)
1150 if(!check->bits.multiplex) {
1151 /* If not multiplexing, make sure the connection is fine for HTTP/1
1153 struct Curl_easy* sh = gethandleathead(&check->send_pipe);
1154 struct Curl_easy* rh = gethandleathead(&check->recv_pipe);
1156 if(!(IsPipeliningPossible(sh, check) & CURLPIPE_HTTP1))
1160 if(!(IsPipeliningPossible(rh, check) & CURLPIPE_HTTP1))
1167 /* can only happen within multi handles, and means that another easy
1168 handle is using this connection */
1172 if(Curl_resolver_asynch()) {
1173 /* ip_addr_str[0] is NUL only if the resolving of the name hasn't
1174 completed yet and until then we don't re-use this connection */
1175 if(!check->ip_addr_str[0]) {
1177 "Connection #%ld is still name resolving, can't reuse\n",
1178 check->connection_id);
1183 if((check->sock[FIRSTSOCKET] == CURL_SOCKET_BAD) ||
1184 check->bits.close) {
1185 if(!check->bits.close)
1186 foundPendingCandidate = TRUE;
1187 /* Don't pick a connection that hasn't connected yet or that is going
1189 infof(data, "Connection #%ld isn't open enough, can't reuse\n",
1190 check->connection_id);
1192 if(check->recv_pipe.size > 0) {
1194 "BAD! Unconnected #%ld has a non-empty recv pipeline!\n",
1195 check->connection_id);
1202 #ifdef USE_UNIX_SOCKETS
1203 if(needle->unix_domain_socket) {
1204 if(!check->unix_domain_socket)
1206 if(strcmp(needle->unix_domain_socket, check->unix_domain_socket))
1208 if(needle->abstract_unix_socket != check->abstract_unix_socket)
1211 else if(check->unix_domain_socket)
1215 if((needle->handler->flags&PROTOPT_SSL) !=
1216 (check->handler->flags&PROTOPT_SSL))
1217 /* don't do mixed SSL and non-SSL connections */
1218 if(get_protocol_family(check->handler->protocol) !=
1219 needle->handler->protocol || !check->tls_upgraded)
1220 /* except protocols that have been upgraded via TLS */
1223 if(needle->bits.httpproxy != check->bits.httpproxy ||
1224 needle->bits.socksproxy != check->bits.socksproxy)
1227 if(needle->bits.socksproxy && !proxy_info_matches(&needle->socks_proxy,
1228 &check->socks_proxy))
1231 if(needle->bits.conn_to_host != check->bits.conn_to_host)
1232 /* don't mix connections that use the "connect to host" feature and
1233 * connections that don't use this feature */
1236 if(needle->bits.conn_to_port != check->bits.conn_to_port)
1237 /* don't mix connections that use the "connect to port" feature and
1238 * connections that don't use this feature */
1241 if(needle->bits.httpproxy) {
1242 if(!proxy_info_matches(&needle->http_proxy, &check->http_proxy))
1245 if(needle->bits.tunnel_proxy != check->bits.tunnel_proxy)
1248 if(needle->http_proxy.proxytype == CURLPROXY_HTTPS) {
1249 /* use https proxy */
1250 if(needle->handler->flags&PROTOPT_SSL) {
1251 /* use double layer ssl */
1252 if(!Curl_ssl_config_matches(&needle->proxy_ssl_config,
1253 &check->proxy_ssl_config))
1255 if(check->proxy_ssl[FIRSTSOCKET].state != ssl_connection_complete)
1259 if(!Curl_ssl_config_matches(&needle->ssl_config,
1260 &check->ssl_config))
1262 if(check->ssl[FIRSTSOCKET].state != ssl_connection_complete)
1268 if(!canpipe && check->inuse)
1269 /* this request can't be pipelined but the checked connection is
1270 already in use so we skip it */
1273 if((check->inuse) && (check->data->multi != needle->data->multi))
1274 /* this could be subject for pipeline/multiplex use, but only
1275 if they belong to the same multi handle */
1278 if(needle->localdev || needle->localport) {
1279 /* If we are bound to a specific local end (IP+port), we must not
1280 re-use a random other one, although if we didn't ask for a
1281 particular one we can reuse one that was bound.
1283 This comparison is a bit rough and too strict. Since the input
1284 parameters can be specified in numerous ways and still end up the
1285 same it would take a lot of processing to make it really accurate.
1286 Instead, this matching will assume that re-uses of bound connections
1287 will most likely also re-use the exact same binding parameters and
1288 missing out a few edge cases shouldn't hurt anyone very much.
1290 if((check->localport != needle->localport) ||
1291 (check->localportrange != needle->localportrange) ||
1292 (needle->localdev &&
1293 (!check->localdev || strcmp(check->localdev, needle->localdev))))
1297 if(!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) {
1298 /* This protocol requires credentials per connection,
1299 so verify that we're using the same name and password as well */
1300 if(strcmp(needle->user, check->user) ||
1301 strcmp(needle->passwd, check->passwd)) {
1302 /* one of them was different */
1307 if(!needle->bits.httpproxy || (needle->handler->flags&PROTOPT_SSL) ||
1308 needle->bits.tunnel_proxy) {
1309 /* The requested connection does not use a HTTP proxy or it uses SSL or
1310 it is a non-SSL protocol tunneled or it is a non-SSL protocol which
1311 is allowed to be upgraded via TLS */
1313 if((strcasecompare(needle->handler->scheme, check->handler->scheme) ||
1314 (get_protocol_family(check->handler->protocol) ==
1315 needle->handler->protocol && check->tls_upgraded)) &&
1316 (!needle->bits.conn_to_host || strcasecompare(
1317 needle->conn_to_host.name, check->conn_to_host.name)) &&
1318 (!needle->bits.conn_to_port ||
1319 needle->conn_to_port == check->conn_to_port) &&
1320 strcasecompare(needle->host.name, check->host.name) &&
1321 needle->remote_port == check->remote_port) {
1322 /* The schemes match or the the protocol family is the same and the
1323 previous connection was TLS upgraded, and the hostname and host
1325 if(needle->handler->flags & PROTOPT_SSL) {
1326 /* This is a SSL connection so verify that we're using the same
1327 SSL options as well */
1328 if(!Curl_ssl_config_matches(&needle->ssl_config,
1329 &check->ssl_config)) {
1331 "Connection #%ld has different SSL parameters, "
1333 check->connection_id));
1336 if(check->ssl[FIRSTSOCKET].state != ssl_connection_complete) {
1337 foundPendingCandidate = TRUE;
1339 "Connection #%ld has not started SSL connect, "
1341 check->connection_id));
1349 /* The requested connection is using the same HTTP proxy in normal
1350 mode (no tunneling) */
1355 #if defined(USE_NTLM)
1356 /* If we are looking for an HTTP+NTLM connection, check if this is
1357 already authenticating with the right credentials. If not, keep
1358 looking so that we can reuse NTLM connections if
1359 possible. (Especially we must not reuse the same connection if
1360 partway through a handshake!) */
1362 if(strcmp(needle->user, check->user) ||
1363 strcmp(needle->passwd, check->passwd))
1366 else if(check->ntlm.state != NTLMSTATE_NONE) {
1367 /* Connection is using NTLM auth but we don't want NTLM */
1371 /* Same for Proxy NTLM authentication */
1372 if(wantProxyNTLMhttp) {
1373 /* Both check->http_proxy.user and check->http_proxy.passwd can be
1375 if(!check->http_proxy.user || !check->http_proxy.passwd)
1378 if(strcmp(needle->http_proxy.user, check->http_proxy.user) ||
1379 strcmp(needle->http_proxy.passwd, check->http_proxy.passwd))
1382 else if(check->proxyntlm.state != NTLMSTATE_NONE) {
1383 /* Proxy connection is using NTLM auth but we don't want NTLM */
1387 if(wantNTLMhttp || wantProxyNTLMhttp) {
1388 /* Credentials are already checked, we can use this connection */
1392 (check->ntlm.state != NTLMSTATE_NONE)) ||
1393 (wantProxyNTLMhttp &&
1394 (check->proxyntlm.state != NTLMSTATE_NONE))) {
1395 /* We must use this connection, no other */
1396 *force_reuse = TRUE;
1400 /* Continue look up for a better connection */
1405 /* We can pipeline if we want to. Let's continue looking for
1406 the optimal connection to use, i.e the shortest pipe that is not
1410 /* We have the optimal connection. Let's stop looking. */
1415 /* We can't use the connection if the pipe is full */
1416 if(max_pipe_len && (pipeLen >= max_pipe_len)) {
1417 infof(data, "Pipe is full, skip (%zu)\n", pipeLen);
1421 /* If multiplexed, make sure we don't go over concurrency limit */
1422 if(check->bits.multiplex) {
1423 /* Multiplexed connections can only be HTTP/2 for now */
1424 struct http_conn *httpc = &check->proto.httpc;
1425 if(pipeLen >= httpc->settings.max_concurrent_streams) {
1426 infof(data, "MAX_CONCURRENT_STREAMS reached, skip (%zu)\n",
1432 /* We can't use the connection if the pipe is penalized */
1433 if(Curl_pipeline_penalized(data, check)) {
1434 infof(data, "Penalized, skip\n");
1439 if(pipeLen < best_pipe_len) {
1440 /* This connection has a shorter pipe so far. We'll pick this
1441 and continue searching */
1443 best_pipe_len = pipeLen;
1448 /* When not pipelining (== multiplexed), we have a match here! */
1450 infof(data, "Multiplexed connection found!\n");
1455 /* We have found a connection. Let's stop searching. */
1464 /* mark it as used before releasing the lock */
1465 chosen->inuse = TRUE;
1466 Curl_conncache_unlock(needle);
1468 return TRUE; /* yes, we found one to use! */
1470 Curl_conncache_unlock(needle);
1472 if(foundPendingCandidate && data->set.pipewait) {
1474 "Found pending candidate for reuse and CURLOPT_PIPEWAIT is set\n");
1478 return FALSE; /* no matching connecting exists */
1481 /* after a TCP connection to the proxy has been verified, this function does
1482 the next magic step.
1484 Note: this function's sub-functions call failf()
1487 CURLcode Curl_connected_proxy(struct connectdata *conn, int sockindex)
1489 CURLcode result = CURLE_OK;
1491 if(conn->bits.socksproxy) {
1492 #ifndef CURL_DISABLE_PROXY
1493 /* for the secondary socket (FTP), use the "connect to host"
1494 * but ignore the "connect to port" (use the secondary port)
1496 const char * const host = conn->bits.httpproxy ?
1497 conn->http_proxy.host.name :
1498 conn->bits.conn_to_host ?
1499 conn->conn_to_host.name :
1500 sockindex == SECONDARYSOCKET ?
1501 conn->secondaryhostname : conn->host.name;
1502 const int port = conn->bits.httpproxy ? (int)conn->http_proxy.port :
1503 sockindex == SECONDARYSOCKET ? conn->secondary_port :
1504 conn->bits.conn_to_port ? conn->conn_to_port :
1506 conn->bits.socksproxy_connecting = TRUE;
1507 switch(conn->socks_proxy.proxytype) {
1508 case CURLPROXY_SOCKS5:
1509 case CURLPROXY_SOCKS5_HOSTNAME:
1510 result = Curl_SOCKS5(conn->socks_proxy.user, conn->socks_proxy.passwd,
1511 host, port, sockindex, conn);
1514 case CURLPROXY_SOCKS4:
1515 case CURLPROXY_SOCKS4A:
1516 result = Curl_SOCKS4(conn->socks_proxy.user, host, port, sockindex,
1521 failf(conn->data, "unknown proxytype option given");
1522 result = CURLE_COULDNT_CONNECT;
1523 } /* switch proxytype */
1524 conn->bits.socksproxy_connecting = FALSE;
1527 #endif /* CURL_DISABLE_PROXY */
1534 * verboseconnect() displays verbose information after a connect
1536 #ifndef CURL_DISABLE_VERBOSE_STRINGS
1537 void Curl_verboseconnect(struct connectdata *conn)
1539 if(conn->data->set.verbose)
1540 infof(conn->data, "Connected to %s (%s) port %ld (#%ld)\n",
1541 conn->bits.socksproxy ? conn->socks_proxy.host.dispname :
1542 conn->bits.httpproxy ? conn->http_proxy.host.dispname :
1543 conn->bits.conn_to_host ? conn->conn_to_host.dispname :
1544 conn->host.dispname,
1545 conn->ip_addr_str, conn->port, conn->connection_id);
1549 int Curl_protocol_getsock(struct connectdata *conn,
1550 curl_socket_t *socks,
1553 if(conn->handler->proto_getsock)
1554 return conn->handler->proto_getsock(conn, socks, numsocks);
1555 return GETSOCK_BLANK;
1558 int Curl_doing_getsock(struct connectdata *conn,
1559 curl_socket_t *socks,
1562 if(conn && conn->handler->doing_getsock)
1563 return conn->handler->doing_getsock(conn, socks, numsocks);
1564 return GETSOCK_BLANK;
1568 * We are doing protocol-specific connecting and this is being called over and
1569 * over from the multi interface until the connection phase is done on
1573 CURLcode Curl_protocol_connecting(struct connectdata *conn,
1576 CURLcode result = CURLE_OK;
1578 if(conn && conn->handler->connecting) {
1580 result = conn->handler->connecting(conn, done);
1589 * We are DOING this is being called over and over from the multi interface
1590 * until the DOING phase is done on protocol layer.
1593 CURLcode Curl_protocol_doing(struct connectdata *conn, bool *done)
1595 CURLcode result = CURLE_OK;
1597 if(conn && conn->handler->doing) {
1599 result = conn->handler->doing(conn, done);
1608 * We have discovered that the TCP connection has been successful, we can now
1609 * proceed with some action.
1612 CURLcode Curl_protocol_connect(struct connectdata *conn,
1613 bool *protocol_done)
1615 CURLcode result = CURLE_OK;
1617 *protocol_done = FALSE;
1619 if(conn->bits.tcpconnect[FIRSTSOCKET] && conn->bits.protoconnstart) {
1620 /* We already are connected, get back. This may happen when the connect
1621 worked fine in the first call, like when we connect to a local server
1622 or proxy. Note that we don't know if the protocol is actually done.
1624 Unless this protocol doesn't have any protocol-connect callback, as
1625 then we know we're done. */
1626 if(!conn->handler->connecting)
1627 *protocol_done = TRUE;
1632 if(!conn->bits.protoconnstart) {
1634 result = Curl_proxy_connect(conn, FIRSTSOCKET);
1638 if(CONNECT_FIRSTSOCKET_PROXY_SSL())
1639 /* wait for HTTPS proxy SSL initialization to complete */
1642 if(conn->bits.tunnel_proxy && conn->bits.httpproxy &&
1643 Curl_connect_ongoing(conn))
1644 /* when using an HTTP tunnel proxy, await complete tunnel establishment
1645 before proceeding further. Return CURLE_OK so we'll be called again */
1648 if(conn->handler->connect_it) {
1649 /* is there a protocol-specific connect() procedure? */
1651 /* Call the protocol-specific connect function */
1652 result = conn->handler->connect_it(conn, protocol_done);
1655 *protocol_done = TRUE;
1657 /* it has started, possibly even completed but that knowledge isn't stored
1660 conn->bits.protoconnstart = TRUE;
1663 return result; /* pass back status */
1667 * Helpers for IDNA conversions.
1669 static bool is_ASCII_name(const char *hostname)
1671 const unsigned char *ch = (const unsigned char *)hostname;
1681 * Perform any necessary IDN conversion of hostname
1683 static CURLcode fix_hostname(struct connectdata *conn, struct hostname *host)
1686 struct Curl_easy *data = conn->data;
1691 #elif defined(CURL_DISABLE_VERBOSE_STRINGS)
1695 /* set the name we use to display the host name */
1696 host->dispname = host->name;
1698 len = strlen(host->name);
1699 if(len && (host->name[len-1] == '.'))
1700 /* strip off a single trailing dot if present, primarily for SNI but
1701 there's no use for it */
1702 host->name[len-1] = 0;
1704 /* Check name for non-ASCII and convert hostname to ACE form if we can */
1705 if(!is_ASCII_name(host->name)) {
1707 if(idn2_check_version(IDN2_VERSION)) {
1708 char *ace_hostname = NULL;
1709 #if IDN2_VERSION_NUMBER >= 0x00140000
1710 /* IDN2_NFC_INPUT: Normalize input string using normalization form C.
1711 IDN2_NONTRANSITIONAL: Perform Unicode TR46 non-transitional
1713 int flags = IDN2_NFC_INPUT | IDN2_NONTRANSITIONAL;
1715 int flags = IDN2_NFC_INPUT;
1717 int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags);
1719 host->encalloc = (char *)ace_hostname;
1720 /* change the name pointer to point to the encoded hostname */
1721 host->name = host->encalloc;
1724 failf(data, "Failed to convert %s to ACE; %s\n", host->name,
1726 return CURLE_URL_MALFORMAT;
1729 #elif defined(USE_WIN32_IDN)
1730 char *ace_hostname = NULL;
1732 if(curl_win32_idn_to_ascii(host->name, &ace_hostname)) {
1733 host->encalloc = ace_hostname;
1734 /* change the name pointer to point to the encoded hostname */
1735 host->name = host->encalloc;
1738 failf(data, "Failed to convert %s to ACE;\n", host->name);
1739 return CURLE_URL_MALFORMAT;
1740 #elif defined(USE_ICU_IDNA)
1741 char *ace_hostname = malloc(MAX_DOMAIN_NAME_LEN * sizeof(char));
1742 UErrorCode errorCode = U_ZERO_ERROR;
1743 UIDNAInfo info = UIDNA_INFO_INITIALIZER;
1745 uidna_openUTS46(UIDNA_USE_STD3_RULES|UIDNA_NONTRANSITIONAL_TO_UNICODE,
1747 int32_t length = uidna_nameToASCII_UTF8(uts46,
1748 host->name, strlen(host->name),
1749 ace_hostname, MAX_DOMAIN_NAME_LEN, &info, &errorCode);
1752 if(errorCode != U_ZERO_ERROR || info.errors || length < 1)
1753 infof(data, "Failed to convert %s to ACE;\n", host->name);
1755 host->encalloc = ace_hostname;
1756 host->name = host->encalloc;
1759 infof(data, "IDN support not present, can't parse Unicode domains\n");
1764 for(hostp = host->name; *hostp; hostp++) {
1766 failf(data, "Host name '%s' contains bad letter", host->name);
1767 return CURLE_URL_MALFORMAT;
1775 * Frees data allocated by fix_hostname()
1777 static void free_fixed_hostname(struct hostname *host)
1779 #if defined(USE_LIBIDN2)
1780 if(host->encalloc) {
1781 idn2_free(host->encalloc); /* must be freed with idn2_free() since this was
1782 allocated by libidn */
1783 host->encalloc = NULL;
1785 #elif defined(USE_WIN32_IDN)
1786 free(host->encalloc); /* must be freed with free() since this was
1787 allocated by curl_win32_idn_to_ascii */
1788 host->encalloc = NULL;
1789 #elif defined(USE_ICU_IDNA)
1790 free(host->encalloc);
1791 host->encalloc = NULL;
1797 static void llist_dtor(void *user, void *element)
1805 * Allocate and initialize a new connectdata object.
1807 static struct connectdata *allocate_conn(struct Curl_easy *data)
1809 struct connectdata *conn = calloc(1, sizeof(struct connectdata));
1814 /* The SSL backend-specific data (ssl_backend_data) objects are allocated as
1815 a separate array to ensure suitable alignment.
1816 Note that these backend pointers can be swapped by vtls (eg ssl backend
1817 data becomes proxy backend data). */
1819 size_t sslsize = Curl_ssl->sizeof_ssl_backend_data;
1820 char *ssl = calloc(4, sslsize);
1825 conn->ssl_extra = ssl;
1826 conn->ssl[0].backend = (void *)ssl;
1827 conn->ssl[1].backend = (void *)(ssl + sslsize);
1828 conn->proxy_ssl[0].backend = (void *)(ssl + 2 * sslsize);
1829 conn->proxy_ssl[1].backend = (void *)(ssl + 3 * sslsize);
1833 conn->handler = &Curl_handler_dummy; /* Be sure we have a handler defined
1834 already from start to avoid NULL
1835 situations and checks */
1837 /* and we setup a few fields in case we end up actually using this struct */
1839 conn->sock[FIRSTSOCKET] = CURL_SOCKET_BAD; /* no file descriptor */
1840 conn->sock[SECONDARYSOCKET] = CURL_SOCKET_BAD; /* no file descriptor */
1841 conn->tempsock[0] = CURL_SOCKET_BAD; /* no file descriptor */
1842 conn->tempsock[1] = CURL_SOCKET_BAD; /* no file descriptor */
1843 conn->connection_id = -1; /* no ID */
1844 conn->port = -1; /* unknown at this point */
1845 conn->remote_port = -1; /* unknown at this point */
1846 #if defined(USE_RECV_BEFORE_SEND_WORKAROUND) && defined(DEBUGBUILD)
1847 conn->postponed[0].bindsock = CURL_SOCKET_BAD; /* no file descriptor */
1848 conn->postponed[1].bindsock = CURL_SOCKET_BAD; /* no file descriptor */
1849 #endif /* USE_RECV_BEFORE_SEND_WORKAROUND && DEBUGBUILD */
1851 /* Default protocol-independent behavior doesn't support persistent
1852 connections, so we set this to force-close. Protocols that support
1853 this need to set this to FALSE in their "curl_do" functions. */
1854 connclose(conn, "Default to force-close");
1856 /* Store creation time to help future close decision making */
1857 conn->created = Curl_now();
1859 conn->data = data; /* Setup the association between this connection
1860 and the Curl_easy */
1862 conn->http_proxy.proxytype = data->set.proxytype;
1863 conn->socks_proxy.proxytype = CURLPROXY_SOCKS4;
1865 #ifdef CURL_DISABLE_PROXY
1867 conn->bits.proxy = FALSE;
1868 conn->bits.httpproxy = FALSE;
1869 conn->bits.socksproxy = FALSE;
1870 conn->bits.proxy_user_passwd = FALSE;
1871 conn->bits.tunnel_proxy = FALSE;
1873 #else /* CURL_DISABLE_PROXY */
1875 /* note that these two proxy bits are now just on what looks to be
1876 requested, they may be altered down the road */
1877 conn->bits.proxy = (data->set.str[STRING_PROXY] &&
1878 *data->set.str[STRING_PROXY]) ? TRUE : FALSE;
1879 conn->bits.httpproxy = (conn->bits.proxy &&
1880 (conn->http_proxy.proxytype == CURLPROXY_HTTP ||
1881 conn->http_proxy.proxytype == CURLPROXY_HTTP_1_0 ||
1882 conn->http_proxy.proxytype == CURLPROXY_HTTPS)) ?
1884 conn->bits.socksproxy = (conn->bits.proxy &&
1885 !conn->bits.httpproxy) ? TRUE : FALSE;
1887 if(data->set.str[STRING_PRE_PROXY] && *data->set.str[STRING_PRE_PROXY]) {
1888 conn->bits.proxy = TRUE;
1889 conn->bits.socksproxy = TRUE;
1892 conn->bits.proxy_user_passwd =
1893 (data->set.str[STRING_PROXYUSERNAME]) ? TRUE : FALSE;
1894 conn->bits.tunnel_proxy = data->set.tunnel_thru_httpproxy;
1896 #endif /* CURL_DISABLE_PROXY */
1898 conn->bits.user_passwd = (data->set.str[STRING_USERNAME]) ? TRUE : FALSE;
1899 conn->bits.ftp_use_epsv = data->set.ftp_use_epsv;
1900 conn->bits.ftp_use_eprt = data->set.ftp_use_eprt;
1902 conn->ssl_config.verifystatus = data->set.ssl.primary.verifystatus;
1903 conn->ssl_config.verifypeer = data->set.ssl.primary.verifypeer;
1904 conn->ssl_config.verifyhost = data->set.ssl.primary.verifyhost;
1905 conn->proxy_ssl_config.verifystatus =
1906 data->set.proxy_ssl.primary.verifystatus;
1907 conn->proxy_ssl_config.verifypeer = data->set.proxy_ssl.primary.verifypeer;
1908 conn->proxy_ssl_config.verifyhost = data->set.proxy_ssl.primary.verifyhost;
1910 conn->ip_version = data->set.ipver;
1912 #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \
1913 defined(NTLM_WB_ENABLED)
1914 conn->ntlm_auth_hlpr_socket = CURL_SOCKET_BAD;
1915 conn->ntlm_auth_hlpr_pid = 0;
1916 conn->challenge_header = NULL;
1917 conn->response_header = NULL;
1920 if(Curl_pipeline_wanted(data->multi, CURLPIPE_HTTP1) &&
1921 !conn->master_buffer) {
1922 /* Allocate master_buffer to be used for HTTP/1 pipelining */
1923 conn->master_buffer = calloc(MASTERBUF_SIZE, sizeof(char));
1924 if(!conn->master_buffer)
1928 /* Initialize the pipeline lists */
1929 Curl_llist_init(&conn->send_pipe, (curl_llist_dtor) llist_dtor);
1930 Curl_llist_init(&conn->recv_pipe, (curl_llist_dtor) llist_dtor);
1933 conn->data_prot = PROT_CLEAR;
1936 /* Store the local bind parameters that will be used for this connection */
1937 if(data->set.str[STRING_DEVICE]) {
1938 conn->localdev = strdup(data->set.str[STRING_DEVICE]);
1942 conn->localportrange = data->set.localportrange;
1943 conn->localport = data->set.localport;
1945 /* the close socket stuff needs to be copied to the connection struct as
1946 it may live on without (this specific) Curl_easy */
1947 conn->fclosesocket = data->set.fclosesocket;
1948 conn->closesocket_client = data->set.closesocket_client;
1953 Curl_llist_destroy(&conn->send_pipe, NULL);
1954 Curl_llist_destroy(&conn->recv_pipe, NULL);
1956 free(conn->master_buffer);
1957 free(conn->localdev);
1959 free(conn->ssl_extra);
1965 static CURLcode findprotocol(struct Curl_easy *data,
1966 struct connectdata *conn,
1967 const char *protostr)
1969 const struct Curl_handler * const *pp;
1970 const struct Curl_handler *p;
1972 /* Scan protocol handler table and match against 'protostr' to set a few
1973 variables based on the URL. Now that the handler may be changed later
1974 when the protocol specific setup function is called. */
1975 for(pp = protocols; (p = *pp) != NULL; pp++) {
1976 if(strcasecompare(p->scheme, protostr)) {
1977 /* Protocol found in table. Check if allowed */
1978 if(!(data->set.allowed_protocols & p->protocol))
1982 /* it is allowed for "normal" request, now do an extra check if this is
1983 the result of a redirect */
1984 if(data->state.this_is_a_follow &&
1985 !(data->set.redir_protocols & p->protocol))
1989 /* Perform setup complement if some. */
1990 conn->handler = conn->given = p;
1992 /* 'port' and 'remote_port' are set in setup_connection_internals() */
1998 /* The protocol was not found in the table, but we don't have to assign it
1999 to anything since it is already assigned to a dummy-struct in the
2000 create_conn() function when the connectdata struct is allocated. */
2001 failf(data, "Protocol \"%s\" not supported or disabled in " LIBCURL_NAME,
2004 return CURLE_UNSUPPORTED_PROTOCOL;
2008 * Parse URL and fill in the relevant members of the connection struct.
2010 static CURLcode parseurlandfillconn(struct Curl_easy *data,
2011 struct connectdata *conn,
2013 char **userp, char **passwdp,
2018 char *path = data->state.path;
2022 const char *protop = "";
2024 bool rebuild_url = FALSE;
2025 bool url_has_scheme = FALSE;
2028 *prot_missing = FALSE;
2030 /* We might pass the entire URL into the request so we need to make sure
2031 * there are no bad characters in there.*/
2032 if(strpbrk(data->change.url, "\r\n")) {
2033 failf(data, "Illegal characters found in URL");
2034 return CURLE_URL_MALFORMAT;
2037 /*************************************************************
2040 * We need to parse the url even when using the proxy, because we will need
2041 * the hostname and port in case we are trying to SSL connect through the
2042 * proxy -- and we don't know if we will need to use SSL until we parse the
2044 ************************************************************/
2045 if(data->change.url[0] == ':') {
2046 failf(data, "Bad URL, colon is first character");
2047 return CURLE_URL_MALFORMAT;
2050 /* MSDOS/Windows style drive prefix, eg c: in c:foo */
2051 #define STARTS_WITH_DRIVE_PREFIX(str) \
2052 ((('a' <= str[0] && str[0] <= 'z') || \
2053 ('A' <= str[0] && str[0] <= 'Z')) && \
2056 /* MSDOS/Windows style drive prefix, optionally with
2057 * a '|' instead of ':', followed by a slash or NUL */
2058 #define STARTS_WITH_URL_DRIVE_PREFIX(str) \
2059 ((('a' <= (str)[0] && (str)[0] <= 'z') || \
2060 ('A' <= (str)[0] && (str)[0] <= 'Z')) && \
2061 ((str)[1] == ':' || (str)[1] == '|') && \
2062 ((str)[2] == '/' || (str)[2] == '\\' || (str)[2] == 0))
2064 /* Don't mistake a drive letter for a scheme if the default protocol is file.
2065 curld --proto-default file c:/foo/bar.txt */
2066 if(STARTS_WITH_DRIVE_PREFIX(data->change.url) &&
2067 data->set.str[STRING_DEFAULT_PROTOCOL] &&
2068 strcasecompare(data->set.str[STRING_DEFAULT_PROTOCOL], "file")) {
2071 else { /* check for a scheme */
2072 for(i = 0; i < 16 && data->change.url[i]; ++i) {
2073 if(data->change.url[i] == '/')
2075 if(data->change.url[i] == ':') {
2076 url_has_scheme = TRUE;
2082 /* handle the file: scheme */
2083 if((url_has_scheme && strncasecompare(data->change.url, "file:", 5)) ||
2084 (!url_has_scheme && data->set.str[STRING_DEFAULT_PROTOCOL] &&
2085 strcasecompare(data->set.str[STRING_DEFAULT_PROTOCOL], "file"))) {
2087 rc = sscanf(data->change.url, "%*15[^\n/:]:%[^\n]", path);
2089 rc = sscanf(data->change.url, "%[^\n]", path);
2092 failf(data, "Bad URL");
2093 return CURLE_URL_MALFORMAT;
2096 if(url_has_scheme && path[0] == '/' && path[1] == '/' &&
2097 path[2] == '/' && path[3] == '/') {
2098 /* This appears to be a UNC string (usually indicating a SMB share).
2099 * We don't do SMB in file: URLs. (TODO?)
2101 failf(data, "SMB shares are not supported in file: URLs.");
2102 return CURLE_URL_MALFORMAT;
2105 /* Extra handling URLs with an authority component (i.e. that start with
2108 * We allow omitted hostname (e.g. file:/<path>) -- valid according to
2109 * RFC 8089, but not the (current) WHAT-WG URL spec.
2111 if(url_has_scheme && path[0] == '/' && path[1] == '/') {
2112 /* swallow the two slashes */
2113 char *ptr = &path[2];
2116 * According to RFC 8089, a file: URL can be reliably dereferenced if:
2118 * o it has no/blank hostname, or
2120 * o the hostname matches "localhost" (case-insensitively), or
2122 * o the hostname is a FQDN that resolves to this machine.
2124 * For brevity, we only consider URLs with empty, "localhost", or
2125 * "127.0.0.1" hostnames as local.
2127 * Additionally, there is an exception for URLs with a Windows drive
2128 * letter in the authority (which was accidentally omitted from RFC 8089
2129 * Appendix E, but believe me, it was meant to be there. --MK)
2131 if(ptr[0] != '/' && !STARTS_WITH_URL_DRIVE_PREFIX(ptr)) {
2132 /* the URL includes a host name, it must match "localhost" or
2133 "127.0.0.1" to be valid */
2134 if(!checkprefix("localhost/", ptr) &&
2135 !checkprefix("127.0.0.1/", ptr)) {
2136 failf(data, "Invalid file://hostname/, "
2137 "expected localhost or 127.0.0.1 or none");
2138 return CURLE_URL_MALFORMAT;
2140 ptr += 9; /* now points to the slash after the host */
2144 * RFC 8089, Appendix D, Section D.1, says:
2146 * > In a POSIX file system, the root of the file system is represented
2147 * > as a directory with a zero-length name, usually written as "/"; the
2148 * > presence of this root in a file URI can be taken as given by the
2149 * > initial slash in the "path-absolute" rule.
2151 * i.e. the first slash is part of the path.
2153 * However in RFC 1738 the "/" between the host (or port) and the
2154 * URL-path was NOT part of the URL-path. Any agent that followed the
2155 * older spec strictly, and wanted to refer to a file with an absolute
2156 * path, would have included a second slash. So if there are two
2157 * slashes, swallow one.
2159 if('/' == ptr[1]) /* note: the only way ptr[0]!='/' is if ptr[1]==':' */
2162 /* This cannot be done with strcpy, as the memory chunks overlap! */
2163 memmove(path, ptr, strlen(ptr) + 1);
2166 #if !defined(MSDOS) && !defined(WIN32) && !defined(__CYGWIN__)
2167 /* Don't allow Windows drive letters when not in Windows.
2168 * This catches both "file:/c:" and "file:c:" */
2169 if(('/' == path[0] && STARTS_WITH_URL_DRIVE_PREFIX(&path[1])) ||
2170 STARTS_WITH_URL_DRIVE_PREFIX(path)) {
2171 failf(data, "File drive letters are only accepted in MSDOS/Windows.");
2172 return CURLE_URL_MALFORMAT;
2175 /* If the path starts with a slash and a drive letter, ditch the slash */
2176 if('/' == path[0] && STARTS_WITH_URL_DRIVE_PREFIX(&path[1])) {
2177 /* This cannot be done with strcpy, as the memory chunks overlap! */
2178 memmove(path, &path[1], strlen(&path[1]) + 1);
2182 protop = "file"; /* protocol string */
2183 *prot_missing = !url_has_scheme;
2190 rc = sscanf(data->change.url,
2191 "%15[^\n/:]:%3[/]%[^\n/?#]%[^\n]",
2192 protobuf, slashbuf, conn->host.name, path);
2194 failf(data, "Bad URL");
2195 return CURLE_URL_MALFORMAT;
2200 * The URL was badly formatted, let's try the browser-style _without_
2201 * protocol specified like 'http://'.
2203 rc = sscanf(data->change.url, "%[^\n/?#]%[^\n]", conn->host.name, path);
2206 * We couldn't even get this format.
2207 * djgpp 2.04 has a sscanf() bug where 'conn->host.name' is
2208 * assigned, but the return value is EOF!
2210 #if defined(__DJGPP__) && (DJGPP_MINOR == 4)
2211 if(!(rc == -1 && *conn->host.name))
2214 failf(data, "<url> malformed");
2215 return CURLE_URL_MALFORMAT;
2220 * Since there was no protocol part specified in the URL use the
2221 * user-specified default protocol. If we weren't given a default make a
2222 * guess by matching some protocols against the host's outermost
2223 * sub-domain name. Finally if there was no match use HTTP.
2226 protop = data->set.str[STRING_DEFAULT_PROTOCOL];
2228 /* Note: if you add a new protocol, please update the list in
2229 * lib/version.c too! */
2230 if(checkprefix("FTP.", conn->host.name))
2232 else if(checkprefix("DICT.", conn->host.name))
2234 else if(checkprefix("LDAP.", conn->host.name))
2236 else if(checkprefix("IMAP.", conn->host.name))
2238 else if(checkprefix("SMTP.", conn->host.name))
2240 else if(checkprefix("POP3.", conn->host.name))
2246 *prot_missing = TRUE; /* not given in URL */
2249 size_t s = strlen(slashbuf);
2252 infof(data, "Unwillingly accepted illegal URL using %d slash%s!\n",
2255 if(data->change.url_alloc)
2256 free(data->change.url);
2257 /* repair the URL to use two slashes */
2258 data->change.url = aprintf("%s://%s%s",
2259 protobuf, conn->host.name, path);
2260 if(!data->change.url)
2261 return CURLE_OUT_OF_MEMORY;
2262 data->change.url_alloc = TRUE;
2267 /* We search for '?' in the host name (but only on the right side of a
2268 * @-letter to allow ?-letters in username and password) to handle things
2269 * like http://example.com?param= (notice the missing '/').
2271 at = strchr(conn->host.name, '@');
2273 query = strchr(at + 1, '?');
2275 query = strchr(conn->host.name, '?');
2278 /* We must insert a slash before the '?'-letter in the URL. If the URL had
2279 a slash after the '?', that is where the path currently begins and the
2280 '?string' is still part of the host name.
2282 We must move the trailing part from the host name and put it first in
2283 the path. And have it all prefixed with a slash.
2286 size_t hostlen = strlen(query);
2287 size_t pathlen = strlen(path);
2289 /* move the existing path plus the zero byte forward, to make room for
2290 the host-name part */
2291 memmove(path + hostlen + 1, path, pathlen + 1);
2293 /* now copy the trailing host part in front of the existing path */
2294 memcpy(path + 1, query, hostlen);
2296 path[0]='/'; /* prepend the missing slash */
2299 *query = 0; /* now cut off the hostname at the ? */
2302 /* if there's no path set, use a single slash */
2307 /* If the URL is malformatted (missing a '/' after hostname before path) we
2308 * insert a slash here. The only letters except '/' that can start a path is
2309 * '?' and '#' - as controlled by the two sscanf() patterns above.
2311 if(path[0] != '/') {
2312 /* We need this function to deal with overlapping memory areas. We know
2313 that the memory area 'path' points to is 'urllen' bytes big and that
2314 is bigger than the path. Use +1 to move the zero byte too. */
2315 memmove(&path[1], path, strlen(path) + 1);
2319 else if(!data->set.path_as_is) {
2320 /* sanitise paths and remove ../ and ./ sequences according to RFC3986 */
2321 char *newp = Curl_dedotdotify(path);
2323 return CURLE_OUT_OF_MEMORY;
2325 if(strcmp(newp, path)) {
2327 free(data->state.pathbuffer);
2328 data->state.pathbuffer = newp;
2329 data->state.path = newp;
2337 * "rebuild_url" means that one or more URL components have been modified so
2338 * we need to generate an updated full version. We need the corrected URL
2339 * when communicating over HTTP proxy and we don't know at this point if
2340 * we're using a proxy or not.
2345 size_t plen = strlen(path); /* new path, should be 1 byte longer than
2347 size_t prefixlen = strlen(conn->host.name);
2349 if(!*prot_missing) {
2350 size_t protolen = strlen(protop);
2352 if(curl_strnequal(protop, data->change.url, protolen))
2353 prefixlen += protolen;
2355 failf(data, "<url> malformed");
2356 return CURLE_URL_MALFORMAT;
2359 if(curl_strnequal("://", &data->change.url[protolen], 3))
2361 /* only file: is allowed to omit one or both slashes */
2362 else if(curl_strnequal("file:", data->change.url, 5))
2363 prefixlen += 1 + (data->change.url[5] == '/');
2365 failf(data, "<url> malformed");
2366 return CURLE_URL_MALFORMAT;
2370 reurl = malloc(prefixlen + plen + 1);
2372 return CURLE_OUT_OF_MEMORY;
2374 /* copy the prefix */
2375 memcpy(reurl, data->change.url, prefixlen);
2377 /* append the trailing piece + zerobyte */
2378 memcpy(&reurl[prefixlen], path, plen + 1);
2380 /* possible free the old one */
2381 if(data->change.url_alloc) {
2382 Curl_safefree(data->change.url);
2383 data->change.url_alloc = FALSE;
2386 infof(data, "Rebuilt URL to: %s\n", reurl);
2388 data->change.url = reurl;
2389 data->change.url_alloc = TRUE; /* free this later */
2392 result = findprotocol(data, conn, protop);
2397 * Parse the login details from the URL and strip them out of
2400 result = parse_url_login(data, conn, userp, passwdp, optionsp);
2404 if(conn->host.name[0] == '[') {
2405 /* This looks like an IPv6 address literal. See if there is an address
2406 scope if there is no location header */
2407 char *percent = strchr(conn->host.name, '%');
2409 unsigned int identifier_offset = 3;
2411 unsigned long scope;
2412 if(strncmp("%25", percent, 3) != 0) {
2414 "Please URL encode %% as %%25, see RFC 6874.\n");
2415 identifier_offset = 1;
2417 scope = strtoul(percent + identifier_offset, &endp, 10);
2419 /* The address scope was well formed. Knock it out of the
2421 memmove(percent, endp, strlen(endp) + 1);
2422 conn->scope_id = (unsigned int)scope;
2425 /* Zone identifier is not numeric */
2426 #if defined(HAVE_NET_IF_H) && defined(IFNAMSIZ) && defined(HAVE_IF_NAMETOINDEX)
2427 char ifname[IFNAMSIZ + 2];
2428 char *square_bracket;
2429 unsigned int scopeidx = 0;
2430 strncpy(ifname, percent + identifier_offset, IFNAMSIZ + 2);
2431 /* Ensure nullbyte termination */
2432 ifname[IFNAMSIZ + 1] = '\0';
2433 square_bracket = strchr(ifname, ']');
2434 if(square_bracket) {
2436 *square_bracket = '\0';
2437 scopeidx = if_nametoindex(ifname);
2439 infof(data, "Invalid network interface: %s; %s\n", ifname,
2444 char *p = percent + identifier_offset + strlen(ifname);
2446 /* Remove zone identifier from hostname */
2447 memmove(percent, p, strlen(p) + 1);
2448 conn->scope_id = scopeidx;
2451 #endif /* HAVE_NET_IF_H && IFNAMSIZ */
2452 infof(data, "Invalid IPv6 address format\n");
2457 if(data->set.scope_id)
2458 /* Override any scope that was set above. */
2459 conn->scope_id = data->set.scope_id;
2461 /* Remove the fragment part of the path. Per RFC 2396, this is always the
2462 last part of the URI. We are looking for the first '#' so that we deal
2463 gracefully with non conformant URI such as http://example.com#foo#bar. */
2464 fragment = strchr(path, '#');
2468 /* we know the path part ended with a fragment, so we know the full URL
2469 string does too and we need to cut it off from there so it isn't used
2471 fragment = strchr(data->change.url, '#');
2477 * So if the URL was A://B/C#D,
2479 * conn->host.name is B
2480 * data->state.path is /C
2486 * If we're doing a resumed transfer, we need to setup our stuff
2489 static CURLcode setup_range(struct Curl_easy *data)
2491 struct UrlState *s = &data->state;
2492 s->resume_from = data->set.set_resume_from;
2493 if(s->resume_from || data->set.str[STRING_SET_RANGE]) {
2494 if(s->rangestringalloc)
2498 s->range = aprintf("%" CURL_FORMAT_CURL_OFF_TU "-", s->resume_from);
2500 s->range = strdup(data->set.str[STRING_SET_RANGE]);
2502 s->rangestringalloc = (s->range) ? TRUE : FALSE;
2505 return CURLE_OUT_OF_MEMORY;
2507 /* tell ourselves to fetch this range */
2508 s->use_range = TRUE; /* enable range download */
2511 s->use_range = FALSE; /* disable range download */
2518 * setup_connection_internals() -
2520 * Setup connection internals specific to the requested protocol in the
2521 * Curl_easy. This is inited and setup before the connection is made but
2522 * is about the particular protocol that is to be used.
2524 * This MUST get called after proxy magic has been figured out.
2526 static CURLcode setup_connection_internals(struct connectdata *conn)
2528 const struct Curl_handler * p;
2530 struct Curl_easy *data = conn->data;
2532 /* in some case in the multi state-machine, we go back to the CONNECT state
2533 and then a second (or third or...) call to this function will be made
2534 without doing a DISCONNECT or DONE in between (since the connection is
2535 yet in place) and therefore this function needs to first make sure
2536 there's no lingering previous data allocated. */
2537 Curl_free_request_state(data);
2539 memset(&data->req, 0, sizeof(struct SingleRequest));
2540 data->req.maxdownload = -1;
2542 conn->socktype = SOCK_STREAM; /* most of them are TCP streams */
2544 /* Perform setup complement if some. */
2547 if(p->setup_connection) {
2548 result = (*p->setup_connection)(conn);
2553 p = conn->handler; /* May have changed. */
2557 /* we check for -1 here since if proxy was detected already, this
2558 was very likely already set to the proxy port */
2559 conn->port = p->defport;
2565 * Curl_free_request_state() should free temp data that was allocated in the
2566 * Curl_easy for this single request.
2569 void Curl_free_request_state(struct Curl_easy *data)
2571 Curl_safefree(data->req.protop);
2572 Curl_safefree(data->req.newurl);
2576 #ifndef CURL_DISABLE_PROXY
2577 /****************************************************************
2578 * Checks if the host is in the noproxy list. returns true if it matches
2579 * and therefore the proxy should NOT be used.
2580 ****************************************************************/
2581 static bool check_noproxy(const char *name, const char *no_proxy)
2583 /* no_proxy=domain1.dom,host.domain2.dom
2584 * (a comma-separated list of hosts which should
2585 * not be proxied, or an asterisk to override
2586 * all proxy variables)
2590 const char *separator = ", ";
2591 size_t no_proxy_len;
2595 if(no_proxy && no_proxy[0]) {
2596 if(strcasecompare("*", no_proxy)) {
2600 /* NO_PROXY was specified and it wasn't just an asterisk */
2602 no_proxy_len = strlen(no_proxy);
2603 if(name[0] == '[') {
2604 /* IPv6 numerical address */
2605 endptr = strchr(name, ']');
2611 endptr = strchr(name, ':');
2613 namelen = endptr - name;
2615 namelen = strlen(name);
2617 for(tok_start = 0; tok_start < no_proxy_len; tok_start = tok_end + 1) {
2618 while(tok_start < no_proxy_len &&
2619 strchr(separator, no_proxy[tok_start]) != NULL) {
2620 /* Look for the beginning of the token. */
2624 if(tok_start == no_proxy_len)
2625 break; /* It was all trailing separator chars, no more tokens. */
2627 for(tok_end = tok_start; tok_end < no_proxy_len &&
2628 strchr(separator, no_proxy[tok_end]) == NULL; ++tok_end)
2629 /* Look for the end of the token. */
2632 /* To match previous behaviour, where it was necessary to specify
2633 * ".local.com" to prevent matching "notlocal.com", we will leave
2636 if(no_proxy[tok_start] == '.')
2639 if((tok_end - tok_start) <= namelen) {
2640 /* Match the last part of the name to the domain we are checking. */
2641 const char *checkn = name + namelen - (tok_end - tok_start);
2642 if(strncasecompare(no_proxy + tok_start, checkn,
2643 tok_end - tok_start)) {
2644 if((tok_end - tok_start) == namelen || *(checkn - 1) == '.') {
2645 /* We either have an exact match, or the previous character is a .
2646 * so it is within the same domain, so no proxy for this host.
2651 } /* if((tok_end - tok_start) <= namelen) */
2652 } /* for(tok_start = 0; tok_start < no_proxy_len;
2653 tok_start = tok_end + 1) */
2654 } /* NO_PROXY was specified and it wasn't just an asterisk */
2659 #ifndef CURL_DISABLE_HTTP
2660 /****************************************************************
2661 * Detect what (if any) proxy to use. Remember that this selects a host
2662 * name and is not limited to HTTP proxies only.
2663 * The returned pointer must be freed by the caller (unless NULL)
2664 ****************************************************************/
2665 static char *detect_proxy(struct connectdata *conn)
2669 /* If proxy was not specified, we check for default proxy environment
2670 * variables, to enable i.e Lynx compliance:
2672 * http_proxy=http://some.server.dom:port/
2673 * https_proxy=http://some.server.dom:port/
2674 * ftp_proxy=http://some.server.dom:port/
2675 * no_proxy=domain1.dom,host.domain2.dom
2676 * (a comma-separated list of hosts which should
2677 * not be proxied, or an asterisk to override
2678 * all proxy variables)
2679 * all_proxy=http://some.server.dom:port/
2680 * (seems to exist for the CERN www lib. Probably
2681 * the first to check for.)
2683 * For compatibility, the all-uppercase versions of these variables are
2684 * checked if the lowercase versions don't exist.
2686 char proxy_env[128];
2687 const char *protop = conn->handler->scheme;
2688 char *envp = proxy_env;
2691 /* Now, build <protocol>_proxy and check for such a one to use */
2693 *envp++ = (char)tolower((int)*protop++);
2696 strcpy(envp, "_proxy");
2698 /* read the protocol proxy: */
2699 prox = curl_getenv(proxy_env);
2702 * We don't try the uppercase version of HTTP_PROXY because of
2705 * When curl is used in a webserver application
2706 * environment (cgi or php), this environment variable can
2707 * be controlled by the web server user by setting the
2708 * http header 'Proxy:' to some value.
2710 * This can cause 'internal' http/ftp requests to be
2711 * arbitrarily redirected by any external attacker.
2713 if(!prox && !strcasecompare("http_proxy", proxy_env)) {
2714 /* There was no lowercase variable, try the uppercase version: */
2715 Curl_strntoupper(proxy_env, proxy_env, sizeof(proxy_env));
2716 prox = curl_getenv(proxy_env);
2720 proxy = prox; /* use this */
2722 proxy = curl_getenv("all_proxy"); /* default proxy to use */
2724 proxy = curl_getenv("ALL_PROXY");
2729 #endif /* CURL_DISABLE_HTTP */
2732 * If this is supposed to use a proxy, we need to figure out the proxy
2733 * host name, so that we can re-use an existing connection
2734 * that may exist registered to the same proxy host.
2736 static CURLcode parse_proxy(struct Curl_easy *data,
2737 struct connectdata *conn, char *proxy,
2738 curl_proxytype proxytype)
2743 /* We use 'proxyptr' to point to the proxy name from now on... */
2748 char *proxyuser = NULL;
2749 char *proxypasswd = NULL;
2752 /* We do the proxy host string parsing here. We want the host name and the
2753 * port name. Accept a protocol:// prefix
2756 /* Parse the protocol part if present */
2757 endofprot = strstr(proxy, "://");
2759 proxyptr = endofprot + 3;
2760 if(checkprefix("https", proxy))
2761 proxytype = CURLPROXY_HTTPS;
2762 else if(checkprefix("socks5h", proxy))
2763 proxytype = CURLPROXY_SOCKS5_HOSTNAME;
2764 else if(checkprefix("socks5", proxy))
2765 proxytype = CURLPROXY_SOCKS5;
2766 else if(checkprefix("socks4a", proxy))
2767 proxytype = CURLPROXY_SOCKS4A;
2768 else if(checkprefix("socks4", proxy) || checkprefix("socks", proxy))
2769 proxytype = CURLPROXY_SOCKS4;
2770 else if(checkprefix("http:", proxy))
2771 ; /* leave it as HTTP or HTTP/1.0 */
2773 /* Any other xxx:// reject! */
2774 failf(data, "Unsupported proxy scheme for \'%s\'", proxy);
2775 return CURLE_COULDNT_CONNECT;
2779 proxyptr = proxy; /* No xxx:// head: It's a HTTP proxy */
2782 if(!Curl_ssl->support_https_proxy)
2784 if(proxytype == CURLPROXY_HTTPS) {
2785 failf(data, "Unsupported proxy \'%s\', libcurl is built without the "
2786 "HTTPS-proxy support.", proxy);
2787 return CURLE_NOT_BUILT_IN;
2790 sockstype = proxytype == CURLPROXY_SOCKS5_HOSTNAME ||
2791 proxytype == CURLPROXY_SOCKS5 ||
2792 proxytype == CURLPROXY_SOCKS4A ||
2793 proxytype == CURLPROXY_SOCKS4;
2795 /* Is there a username and password given in this proxy url? */
2796 atsign = strchr(proxyptr, '@');
2799 Curl_parse_login_details(proxyptr, atsign - proxyptr,
2800 &proxyuser, &proxypasswd, NULL);
2803 proxyptr = atsign + 1;
2806 /* start scanning for port number at this point */
2809 /* detect and extract RFC6874-style IPv6-addresses */
2810 if(*proxyptr == '[') {
2811 char *ptr = ++proxyptr; /* advance beyond the initial bracket */
2812 while(*ptr && (ISXDIGIT(*ptr) || (*ptr == ':') || (*ptr == '.')))
2815 /* There might be a zone identifier */
2816 if(strncmp("%25", ptr, 3))
2817 infof(data, "Please URL encode %% as %%25, see RFC 6874.\n");
2819 /* Allow unreserved characters as defined in RFC 3986 */
2820 while(*ptr && (ISALPHA(*ptr) || ISXDIGIT(*ptr) || (*ptr == '-') ||
2821 (*ptr == '.') || (*ptr == '_') || (*ptr == '~')))
2825 /* yeps, it ended nicely with a bracket as well */
2828 infof(data, "Invalid IPv6 address format\n");
2830 /* Note that if this didn't end with a bracket, we still advanced the
2831 * proxyptr first, but I can't see anything wrong with that as no host
2832 * name nor a numeric can legally start with a bracket.
2836 /* Get port number off proxy.server.com:1080 */
2837 prox_portno = strchr(portptr, ':');
2841 *prox_portno = 0x0; /* cut off number from host name */
2843 /* now set the local port number */
2844 port = strtol(prox_portno, &endp, 10);
2845 if((endp && *endp && (*endp != '/') && (*endp != ' ')) ||
2846 (port < 0) || (port > 65535)) {
2847 /* meant to detect for example invalid IPv6 numerical addresses without
2848 brackets: "2a00:fac0:a000::7:13". Accept a trailing slash only
2849 because we then allow "URL style" with the number followed by a
2850 slash, used in curl test cases already. Space is also an acceptable
2851 terminating symbol. */
2852 infof(data, "No valid port number in proxy string (%s)\n",
2859 if(proxyptr[0]=='/') {
2860 /* If the first character in the proxy string is a slash, fail
2861 immediately. The following code will otherwise clear the string which
2862 will lead to code running as if no proxy was set! */
2863 Curl_safefree(proxyuser);
2864 Curl_safefree(proxypasswd);
2865 return CURLE_COULDNT_RESOLVE_PROXY;
2868 /* without a port number after the host name, some people seem to use
2869 a slash so we strip everything from the first slash */
2870 atsign = strchr(proxyptr, '/');
2872 *atsign = '\0'; /* cut off path part from host name */
2874 if(data->set.proxyport)
2875 /* None given in the proxy string, then get the default one if it is
2877 port = data->set.proxyport;
2879 if(proxytype == CURLPROXY_HTTPS)
2880 port = CURL_DEFAULT_HTTPS_PROXY_PORT;
2882 port = CURL_DEFAULT_PROXY_PORT;
2887 struct proxy_info *proxyinfo =
2888 sockstype ? &conn->socks_proxy : &conn->http_proxy;
2889 proxyinfo->proxytype = proxytype;
2892 /* found user and password, rip them out. note that we are unescaping
2893 them, as there is otherwise no way to have a username or password
2894 with reserved characters like ':' in them. */
2895 Curl_safefree(proxyinfo->user);
2896 proxyinfo->user = curl_easy_unescape(data, proxyuser, 0, NULL);
2897 Curl_safefree(proxyuser);
2899 if(!proxyinfo->user) {
2900 Curl_safefree(proxypasswd);
2901 return CURLE_OUT_OF_MEMORY;
2904 Curl_safefree(proxyinfo->passwd);
2905 if(proxypasswd && strlen(proxypasswd) < MAX_CURL_PASSWORD_LENGTH)
2906 proxyinfo->passwd = curl_easy_unescape(data, proxypasswd, 0, NULL);
2908 proxyinfo->passwd = strdup("");
2909 Curl_safefree(proxypasswd);
2911 if(!proxyinfo->passwd)
2912 return CURLE_OUT_OF_MEMORY;
2914 conn->bits.proxy_user_passwd = TRUE; /* enable it */
2918 proxyinfo->port = port;
2919 if(conn->port < 0 || sockstype || !conn->socks_proxy.host.rawalloc)
2923 /* now, clone the cleaned proxy host name */
2924 Curl_safefree(proxyinfo->host.rawalloc);
2925 proxyinfo->host.rawalloc = strdup(proxyptr);
2926 proxyinfo->host.name = proxyinfo->host.rawalloc;
2928 if(!proxyinfo->host.rawalloc)
2929 return CURLE_OUT_OF_MEMORY;
2932 Curl_safefree(proxyuser);
2933 Curl_safefree(proxypasswd);
2939 * Extract the user and password from the authentication string
2941 static CURLcode parse_proxy_auth(struct Curl_easy *data,
2942 struct connectdata *conn)
2944 char proxyuser[MAX_CURL_USER_LENGTH]="";
2945 char proxypasswd[MAX_CURL_PASSWORD_LENGTH]="";
2948 if(data->set.str[STRING_PROXYUSERNAME] != NULL) {
2949 strncpy(proxyuser, data->set.str[STRING_PROXYUSERNAME],
2950 MAX_CURL_USER_LENGTH);
2951 proxyuser[MAX_CURL_USER_LENGTH-1] = '\0'; /*To be on safe side*/
2953 if(data->set.str[STRING_PROXYPASSWORD] != NULL) {
2954 strncpy(proxypasswd, data->set.str[STRING_PROXYPASSWORD],
2955 MAX_CURL_PASSWORD_LENGTH);
2956 proxypasswd[MAX_CURL_PASSWORD_LENGTH-1] = '\0'; /*To be on safe side*/
2959 result = Curl_urldecode(data, proxyuser, 0, &conn->http_proxy.user, NULL,
2962 result = Curl_urldecode(data, proxypasswd, 0, &conn->http_proxy.passwd,
2967 /* create_conn helper to parse and init proxy values. to be called after unix
2968 socket init but before any proxy vars are evaluated. */
2969 static CURLcode create_conn_helper_init_proxy(struct connectdata *conn)
2972 char *socksproxy = NULL;
2973 char *no_proxy = NULL;
2974 CURLcode result = CURLE_OK;
2975 struct Curl_easy *data = conn->data;
2977 /*************************************************************
2978 * Extract the user and password from the authentication string
2979 *************************************************************/
2980 if(conn->bits.proxy_user_passwd) {
2981 result = parse_proxy_auth(data, conn);
2986 /*************************************************************
2987 * Detect what (if any) proxy to use
2988 *************************************************************/
2989 if(data->set.str[STRING_PROXY]) {
2990 proxy = strdup(data->set.str[STRING_PROXY]);
2991 /* if global proxy is set, this is it */
2993 failf(data, "memory shortage");
2994 result = CURLE_OUT_OF_MEMORY;
2999 if(data->set.str[STRING_PRE_PROXY]) {
3000 socksproxy = strdup(data->set.str[STRING_PRE_PROXY]);
3001 /* if global socks proxy is set, this is it */
3002 if(NULL == socksproxy) {
3003 failf(data, "memory shortage");
3004 result = CURLE_OUT_OF_MEMORY;
3009 if(!data->set.str[STRING_NOPROXY]) {
3010 no_proxy = curl_getenv("no_proxy");
3012 no_proxy = curl_getenv("NO_PROXY");
3015 if(check_noproxy(conn->host.name, data->set.str[STRING_NOPROXY] ?
3016 data->set.str[STRING_NOPROXY] : no_proxy)) {
3017 Curl_safefree(proxy);
3018 Curl_safefree(socksproxy);
3020 #ifndef CURL_DISABLE_HTTP
3021 else if(!proxy && !socksproxy)
3022 /* if the host is not in the noproxy list, detect proxy. */
3023 proxy = detect_proxy(conn);
3024 #endif /* CURL_DISABLE_HTTP */
3026 Curl_safefree(no_proxy);
3028 #ifdef USE_UNIX_SOCKETS
3029 /* For the time being do not mix proxy and unix domain sockets. See #1274 */
3030 if(proxy && conn->unix_domain_socket) {
3036 if(proxy && (!*proxy || (conn->handler->flags & PROTOPT_NONETWORK))) {
3037 free(proxy); /* Don't bother with an empty proxy string or if the
3038 protocol doesn't work with network */
3041 if(socksproxy && (!*socksproxy ||
3042 (conn->handler->flags & PROTOPT_NONETWORK))) {
3043 free(socksproxy); /* Don't bother with an empty socks proxy string or if
3044 the protocol doesn't work with network */
3048 /***********************************************************************
3049 * If this is supposed to use a proxy, we need to figure out the proxy host
3050 * name, proxy type and port number, so that we can re-use an existing
3051 * connection that may exist registered to the same proxy host.
3052 ***********************************************************************/
3053 if(proxy || socksproxy) {
3055 result = parse_proxy(data, conn, proxy, conn->http_proxy.proxytype);
3056 Curl_safefree(proxy); /* parse_proxy copies the proxy string */
3062 result = parse_proxy(data, conn, socksproxy,
3063 conn->socks_proxy.proxytype);
3064 /* parse_proxy copies the socks proxy string */
3065 Curl_safefree(socksproxy);
3070 if(conn->http_proxy.host.rawalloc) {
3071 #ifdef CURL_DISABLE_HTTP
3072 /* asking for a HTTP proxy is a bit funny when HTTP is disabled... */
3073 result = CURLE_UNSUPPORTED_PROTOCOL;
3076 /* force this connection's protocol to become HTTP if compatible */
3077 if(!(conn->handler->protocol & PROTO_FAMILY_HTTP)) {
3078 if((conn->handler->flags & PROTOPT_PROXY_AS_HTTP) &&
3079 !conn->bits.tunnel_proxy)
3080 conn->handler = &Curl_handler_http;
3082 /* if not converting to HTTP over the proxy, enforce tunneling */
3083 conn->bits.tunnel_proxy = TRUE;
3085 conn->bits.httpproxy = TRUE;
3089 conn->bits.httpproxy = FALSE; /* not a HTTP proxy */
3090 conn->bits.tunnel_proxy = FALSE; /* no tunneling if not HTTP */
3093 if(conn->socks_proxy.host.rawalloc) {
3094 if(!conn->http_proxy.host.rawalloc) {
3095 /* once a socks proxy */
3096 if(!conn->socks_proxy.user) {
3097 conn->socks_proxy.user = conn->http_proxy.user;
3098 conn->http_proxy.user = NULL;
3099 Curl_safefree(conn->socks_proxy.passwd);
3100 conn->socks_proxy.passwd = conn->http_proxy.passwd;
3101 conn->http_proxy.passwd = NULL;
3104 conn->bits.socksproxy = TRUE;
3107 conn->bits.socksproxy = FALSE; /* not a socks proxy */
3110 conn->bits.socksproxy = FALSE;
3111 conn->bits.httpproxy = FALSE;
3113 conn->bits.proxy = conn->bits.httpproxy || conn->bits.socksproxy;
3115 if(!conn->bits.proxy) {
3116 /* we aren't using the proxy after all... */
3117 conn->bits.proxy = FALSE;
3118 conn->bits.httpproxy = FALSE;
3119 conn->bits.socksproxy = FALSE;
3120 conn->bits.proxy_user_passwd = FALSE;
3121 conn->bits.tunnel_proxy = FALSE;
3130 #endif /* CURL_DISABLE_PROXY */
3135 * Parse the login details (user name, password and options) from the URL and
3136 * strip them out of the host name
3138 * Inputs: data->set.use_netrc (CURLOPT_NETRC)
3141 * Outputs: (almost :- all currently undefined)
3142 * conn->bits.user_passwd - non-zero if non-default passwords exist
3143 * user - non-zero length if defined
3144 * passwd - non-zero length if defined
3145 * options - non-zero length if defined
3146 * conn->host.name - remove user name and password
3148 static CURLcode parse_url_login(struct Curl_easy *data,
3149 struct connectdata *conn,
3150 char **user, char **passwd, char **options)
3152 CURLcode result = CURLE_OK;
3154 char *passwdp = NULL;
3155 char *optionsp = NULL;
3157 /* At this point, we're hoping all the other special cases have
3158 * been taken care of, so conn->host.name is at most
3159 * [user[:password][;options]]@]hostname
3161 * We need somewhere to put the embedded details, so do that first.
3164 char *ptr = strchr(conn->host.name, '@');
3165 char *login = conn->host.name;
3167 DEBUGASSERT(!**user);
3168 DEBUGASSERT(!**passwd);
3169 DEBUGASSERT(!**options);
3170 DEBUGASSERT(conn->handler);
3175 /* We will now try to extract the
3176 * possible login information in a string like:
3177 * ftp://user:password@ftp.my.site:8021/README */
3178 conn->host.name = ++ptr;
3180 /* So the hostname is sane. Only bother interpreting the
3181 * results if we could care. It could still be wasted
3182 * work because it might be overtaken by the programmatically
3183 * set user/passwd, but doing that first adds more cases here :-(
3186 if(data->set.use_netrc == CURL_NETRC_REQUIRED)
3189 /* We could use the login information in the URL so extract it. Only parse
3190 options if the handler says we should. */
3192 Curl_parse_login_details(login, ptr - login - 1,
3194 (conn->handler->flags & PROTOPT_URLOPTIONS)?
3202 /* We have a user in the URL */
3203 conn->bits.userpwd_in_url = TRUE;
3204 conn->bits.user_passwd = TRUE; /* enable user+password */
3206 /* Decode the user */
3207 result = Curl_urldecode(data, userp, 0, &newname, NULL, FALSE);
3217 /* We have a password in the URL so decode it */
3219 result = Curl_urldecode(data, passwdp, 0, &newpasswd, NULL, FALSE);
3225 *passwd = newpasswd;
3229 /* We have an options list in the URL so decode it */
3231 result = Curl_urldecode(data, optionsp, 0, &newoptions, NULL, FALSE);
3237 *options = newoptions;
3251 * Curl_parse_login_details()
3253 * This is used to parse a login string for user name, password and options in
3254 * the following formats:
3258 * user:password;options
3260 * user;options:password
3268 * login [in] - The login string.
3269 * len [in] - The length of the login string.
3270 * userp [in/out] - The address where a pointer to newly allocated memory
3271 * holding the user will be stored upon completion.
3272 * passdwp [in/out] - The address where a pointer to newly allocated memory
3273 * holding the password will be stored upon completion.
3274 * optionsp [in/out] - The address where a pointer to newly allocated memory
3275 * holding the options will be stored upon completion.
3277 * Returns CURLE_OK on success.
3279 CURLcode Curl_parse_login_details(const char *login, const size_t len,
3280 char **userp, char **passwdp,
3283 CURLcode result = CURLE_OK;
3287 const char *psep = NULL;
3288 const char *osep = NULL;
3293 /* Attempt to find the password separator */
3295 psep = strchr(login, ':');
3297 /* Within the constraint of the login string */
3298 if(psep >= login + len)
3302 /* Attempt to find the options separator */
3304 osep = strchr(login, ';');
3306 /* Within the constraint of the login string */
3307 if(osep >= login + len)
3311 /* Calculate the portion lengths */
3313 (size_t)(osep && psep > osep ? osep - login : psep - login) :
3314 (osep ? (size_t)(osep - login) : len));
3316 (osep && osep > psep ? (size_t)(osep - psep) :
3317 (size_t)(login + len - psep)) - 1 : 0);
3319 (psep && psep > osep ? (size_t)(psep - osep) :
3320 (size_t)(login + len - osep)) - 1 : 0);
3322 /* Allocate the user portion buffer */
3324 ubuf = malloc(ulen + 1);
3326 result = CURLE_OUT_OF_MEMORY;
3329 /* Allocate the password portion buffer */
3330 if(!result && passwdp && plen) {
3331 pbuf = malloc(plen + 1);
3334 result = CURLE_OUT_OF_MEMORY;
3338 /* Allocate the options portion buffer */
3339 if(!result && optionsp && olen) {
3340 obuf = malloc(olen + 1);
3344 result = CURLE_OUT_OF_MEMORY;
3349 /* Store the user portion if necessary */
3351 memcpy(ubuf, login, ulen);
3353 Curl_safefree(*userp);
3357 /* Store the password portion if necessary */
3359 memcpy(pbuf, psep + 1, plen);
3361 Curl_safefree(*passwdp);
3365 /* Store the options portion if necessary */
3367 memcpy(obuf, osep + 1, olen);
3369 Curl_safefree(*optionsp);
3377 /*************************************************************
3378 * Figure out the remote port number and fix it in the URL
3380 * No matter if we use a proxy or not, we have to figure out the remote
3381 * port number of various reasons.
3383 * To be able to detect port number flawlessly, we must not confuse them
3384 * IPv6-specified addresses in the [0::1] style. (RFC2732)
3386 * The conn->host.name is currently [user:passwd@]host[:port] where host
3387 * could be a hostname, IPv4 address or IPv6 address.
3389 * The port number embedded in the URL is replaced, if necessary.
3390 *************************************************************/
3391 static CURLcode parse_remote_port(struct Curl_easy *data,
3392 struct connectdata *conn)
3397 /* Note that at this point, the IPv6 address cannot contain any scope
3398 suffix as that has already been removed in the parseurlandfillconn()
3400 if((1 == sscanf(conn->host.name, "[%*45[0123456789abcdefABCDEF:.]%c",
3402 (']' == endbracket)) {
3403 /* this is a RFC2732-style specified IP-address */
3404 conn->bits.ipv6_ip = TRUE;
3406 conn->host.name++; /* skip over the starting bracket */
3407 portptr = strchr(conn->host.name, ']');
3409 *portptr++ = '\0'; /* zero terminate, killing the bracket */
3411 if (*portptr != ':') {
3412 failf(data, "IPv6 closing bracket followed by '%c'", *portptr);
3413 return CURLE_URL_MALFORMAT;
3417 portptr = NULL; /* no port number available */
3422 struct in6_addr in6;
3423 if(Curl_inet_pton(AF_INET6, conn->host.name, &in6) > 0) {
3424 /* This is a numerical IPv6 address, meaning this is a wrongly formatted
3426 failf(data, "IPv6 numerical address used in URL without brackets");
3427 return CURLE_URL_MALFORMAT;
3431 portptr = strchr(conn->host.name, ':');
3434 if(data->set.use_port && data->state.allow_port) {
3435 /* if set, we use this and ignore the port possibly given in the URL */
3436 conn->remote_port = (unsigned short)data->set.use_port;
3438 *portptr = '\0'; /* cut off the name there anyway - if there was a port
3439 number - since the port number is to be ignored! */
3440 if(conn->bits.httpproxy) {
3441 /* we need to create new URL with the new port number */
3445 if(conn->bits.type_set)
3446 snprintf(type, sizeof(type), ";type=%c",
3447 data->set.prefer_ascii?'A':
3448 (data->set.ftp_list_only?'D':'I'));
3451 * This synthesized URL isn't always right--suffixes like ;type=A are
3452 * stripped off. It would be better to work directly from the original
3453 * URL and simply replace the port part of it.
3455 url = aprintf("%s://%s%s%s:%hu%s%s%s", conn->given->scheme,
3456 conn->bits.ipv6_ip?"[":"", conn->host.name,
3457 conn->bits.ipv6_ip?"]":"", conn->remote_port,
3458 data->state.slash_removed?"/":"", data->state.path,
3461 return CURLE_OUT_OF_MEMORY;
3463 if(data->change.url_alloc) {
3464 Curl_safefree(data->change.url);
3465 data->change.url_alloc = FALSE;
3468 data->change.url = url;
3469 data->change.url_alloc = TRUE;
3473 /* no CURLOPT_PORT given, extract the one from the URL */
3478 port = strtol(portptr + 1, &rest, 10); /* Port number must be decimal */
3480 if((port < 0) || (port > 0xffff)) {
3481 /* Single unix standard says port numbers are 16 bits long */
3482 failf(data, "Port number out of range");
3483 return CURLE_URL_MALFORMAT;
3487 failf(data, "Port number ended with '%c'", rest[0]);
3488 return CURLE_URL_MALFORMAT;
3491 if(rest != &portptr[1]) {
3492 *portptr = '\0'; /* cut off the name there */
3493 conn->remote_port = curlx_ultous(port);
3496 /* Browser behavior adaptation. If there's a colon with no digits after,
3497 just cut off the name there which makes us ignore the colon and just
3498 use the default port. Firefox and Chrome both do that. */
3503 /* only if remote_port was not already parsed off the URL we use the
3504 default port number */
3505 if(conn->remote_port < 0)
3506 conn->remote_port = (unsigned short)conn->given->defport;
3512 * Override the login details from the URL with that in the CURLOPT_USERPWD
3513 * option or a .netrc file, if applicable.
3515 static CURLcode override_login(struct Curl_easy *data,
3516 struct connectdata *conn,
3517 char **userp, char **passwdp, char **optionsp)
3519 if(data->set.str[STRING_USERNAME]) {
3521 *userp = strdup(data->set.str[STRING_USERNAME]);
3523 return CURLE_OUT_OF_MEMORY;
3526 if(data->set.str[STRING_PASSWORD]) {
3528 *passwdp = strdup(data->set.str[STRING_PASSWORD]);
3530 return CURLE_OUT_OF_MEMORY;
3533 if(data->set.str[STRING_OPTIONS]) {
3535 *optionsp = strdup(data->set.str[STRING_OPTIONS]);
3537 return CURLE_OUT_OF_MEMORY;
3540 conn->bits.netrc = FALSE;
3541 if(data->set.use_netrc != CURL_NETRC_IGNORED) {
3542 int ret = Curl_parsenetrc(conn->host.name,
3544 data->set.str[STRING_NETRC_FILE]);
3546 infof(data, "Couldn't find host %s in the "
3547 DOT_CHAR "netrc file; using defaults\n",
3551 return CURLE_OUT_OF_MEMORY;
3554 /* set bits.netrc TRUE to remember that we got the name from a .netrc
3555 file, so that it is safe to use even if we followed a Location: to a
3556 different host or similar. */
3557 conn->bits.netrc = TRUE;
3559 conn->bits.user_passwd = TRUE; /* enable user+password */
3567 * Set the login details so they're available in the connection
3569 static CURLcode set_login(struct connectdata *conn,
3570 const char *user, const char *passwd,
3571 const char *options)
3573 CURLcode result = CURLE_OK;
3575 /* If our protocol needs a password and we have none, use the defaults */
3576 if((conn->handler->flags & PROTOPT_NEEDSPWD) && !conn->bits.user_passwd) {
3577 /* Store the default user */
3578 conn->user = strdup(CURL_DEFAULT_USER);
3580 /* Store the default password */
3582 conn->passwd = strdup(CURL_DEFAULT_PASSWORD);
3584 conn->passwd = NULL;
3586 /* This is the default password, so DON'T set conn->bits.user_passwd */
3589 /* Store the user, zero-length if not set */
3590 conn->user = strdup(user);
3592 /* Store the password (only if user is present), zero-length if not set */
3594 conn->passwd = strdup(passwd);
3596 conn->passwd = NULL;
3599 if(!conn->user || !conn->passwd)
3600 result = CURLE_OUT_OF_MEMORY;
3602 /* Store the options, null if not set */
3603 if(!result && options[0]) {
3604 conn->options = strdup(options);
3607 result = CURLE_OUT_OF_MEMORY;
3614 * Parses a "host:port" string to connect to.
3615 * The hostname and the port may be empty; in this case, NULL is returned for
3616 * the hostname and -1 for the port.
3618 static CURLcode parse_connect_to_host_port(struct Curl_easy *data,
3620 char **hostname_result,
3629 #if defined(CURL_DISABLE_VERBOSE_STRINGS)
3633 *hostname_result = NULL;
3639 host_dup = strdup(host);
3641 return CURLE_OUT_OF_MEMORY;
3645 /* start scanning for port number at this point */
3648 /* detect and extract RFC6874-style IPv6-addresses */
3649 if(*hostptr == '[') {
3651 char *ptr = ++hostptr; /* advance beyond the initial bracket */
3652 while(*ptr && (ISXDIGIT(*ptr) || (*ptr == ':') || (*ptr == '.')))
3655 /* There might be a zone identifier */
3656 if(strncmp("%25", ptr, 3))
3657 infof(data, "Please URL encode %% as %%25, see RFC 6874.\n");
3659 /* Allow unreserved characters as defined in RFC 3986 */
3660 while(*ptr && (ISALPHA(*ptr) || ISXDIGIT(*ptr) || (*ptr == '-') ||
3661 (*ptr == '.') || (*ptr == '_') || (*ptr == '~')))
3665 /* yeps, it ended nicely with a bracket as well */
3668 infof(data, "Invalid IPv6 address format\n");
3670 /* Note that if this didn't end with a bracket, we still advanced the
3671 * hostptr first, but I can't see anything wrong with that as no host
3672 * name nor a numeric can legally start with a bracket.
3675 failf(data, "Use of IPv6 in *_CONNECT_TO without IPv6 support built-in!");
3677 return CURLE_NOT_BUILT_IN;
3681 /* Get port number off server.com:1080 */
3682 host_portno = strchr(portptr, ':');
3685 *host_portno = '\0'; /* cut off number from host name */
3688 long portparse = strtol(host_portno, &endp, 10);
3689 if((endp && *endp) || (portparse < 0) || (portparse > 65535)) {
3690 infof(data, "No valid port number in connect to host string (%s)\n",
3696 port = (int)portparse; /* we know it will fit */
3700 /* now, clone the cleaned host name */
3702 *hostname_result = strdup(hostptr);
3703 if(!*hostname_result) {
3705 return CURLE_OUT_OF_MEMORY;
3709 *port_result = port;
3716 * Parses one "connect to" string in the form:
3717 * "HOST:PORT:CONNECT-TO-HOST:CONNECT-TO-PORT".
3719 static CURLcode parse_connect_to_string(struct Curl_easy *data,
3720 struct connectdata *conn,
3721 const char *conn_to_host,
3725 CURLcode result = CURLE_OK;
3726 const char *ptr = conn_to_host;
3727 int host_match = FALSE;
3728 int port_match = FALSE;
3730 *host_result = NULL;
3734 /* an empty hostname always matches */
3739 /* check whether the URL's hostname matches */
3740 size_t hostname_to_match_len;
3741 char *hostname_to_match = aprintf("%s%s%s",
3742 conn->bits.ipv6_ip ? "[" : "",
3744 conn->bits.ipv6_ip ? "]" : "");
3745 if(!hostname_to_match)
3746 return CURLE_OUT_OF_MEMORY;
3747 hostname_to_match_len = strlen(hostname_to_match);
3748 host_match = strncasecompare(ptr, hostname_to_match,
3749 hostname_to_match_len);
3750 free(hostname_to_match);
3751 ptr += hostname_to_match_len;
3753 host_match = host_match && *ptr == ':';
3759 /* an empty port always matches */
3764 /* check whether the URL's port matches */
3765 char *ptr_next = strchr(ptr, ':');
3768 long port_to_match = strtol(ptr, &endp, 10);
3769 if((endp == ptr_next) && (port_to_match == conn->remote_port)) {
3777 if(host_match && port_match) {
3778 /* parse the hostname and port to connect to */
3779 result = parse_connect_to_host_port(data, ptr, host_result, port_result);
3786 * Processes all strings in the "connect to" slist, and uses the "connect
3787 * to host" and "connect to port" of the first string that matches.
3789 static CURLcode parse_connect_to_slist(struct Curl_easy *data,
3790 struct connectdata *conn,
3791 struct curl_slist *conn_to_host)
3793 CURLcode result = CURLE_OK;
3797 while(conn_to_host && !host && port == -1) {
3798 result = parse_connect_to_string(data, conn, conn_to_host->data,
3804 conn->conn_to_host.rawalloc = host;
3805 conn->conn_to_host.name = host;
3806 conn->bits.conn_to_host = TRUE;
3808 infof(data, "Connecting to hostname: %s\n", host);
3811 /* no "connect to host" */
3812 conn->bits.conn_to_host = FALSE;
3813 Curl_safefree(host);
3817 conn->conn_to_port = port;
3818 conn->bits.conn_to_port = TRUE;
3819 infof(data, "Connecting to port: %d\n", port);
3822 /* no "connect to port" */
3823 conn->bits.conn_to_port = FALSE;
3827 conn_to_host = conn_to_host->next;
3833 /*************************************************************
3834 * Resolve the address of the server or proxy
3835 *************************************************************/
3836 static CURLcode resolve_server(struct Curl_easy *data,
3837 struct connectdata *conn,
3840 CURLcode result = CURLE_OK;
3841 timediff_t timeout_ms = Curl_timeleft(data, NULL, TRUE);
3843 /*************************************************************
3844 * Resolve the name of the server or proxy
3845 *************************************************************/
3846 if(conn->bits.reuse)
3847 /* We're reusing the connection - no need to resolve anything, and
3848 fix_hostname() was called already in create_conn() for the re-use
3853 /* this is a fresh connect */
3855 struct Curl_dns_entry *hostaddr;
3857 #ifdef USE_UNIX_SOCKETS
3858 if(conn->unix_domain_socket) {
3859 /* Unix domain sockets are local. The host gets ignored, just use the
3860 * specified domain socket address. Do not cache "DNS entries". There is
3861 * no DNS involved and we already have the filesystem path available */
3862 const char *path = conn->unix_domain_socket;
3864 hostaddr = calloc(1, sizeof(struct Curl_dns_entry));
3866 result = CURLE_OUT_OF_MEMORY;
3868 bool longpath = FALSE;
3869 hostaddr->addr = Curl_unix2addr(path, &longpath,
3870 conn->abstract_unix_socket);
3874 /* Long paths are not supported for now */
3876 failf(data, "Unix socket path too long: '%s'", path);
3877 result = CURLE_COULDNT_RESOLVE_HOST;
3880 result = CURLE_OUT_OF_MEMORY;
3888 if(!conn->bits.proxy) {
3889 struct hostname *connhost;
3890 if(conn->bits.conn_to_host)
3891 connhost = &conn->conn_to_host;
3893 connhost = &conn->host;
3895 /* If not connecting via a proxy, extract the port from the URL, if it is
3896 * there, thus overriding any defaults that might have been set above. */
3897 if(conn->bits.conn_to_port)
3898 conn->port = conn->conn_to_port;
3900 conn->port = conn->remote_port;
3902 /* Resolve target host right on */
3903 rc = Curl_resolv_timeout(conn, connhost->name, (int)conn->port,
3904 &hostaddr, timeout_ms);
3905 if(rc == CURLRESOLV_PENDING)
3908 else if(rc == CURLRESOLV_TIMEDOUT)
3909 result = CURLE_OPERATION_TIMEDOUT;
3911 else if(!hostaddr) {
3912 failf(data, "Couldn't resolve host '%s'", connhost->dispname);
3913 result = CURLE_COULDNT_RESOLVE_HOST;
3914 /* don't return yet, we need to clean up the timeout first */
3918 /* This is a proxy that hasn't been resolved yet. */
3920 struct hostname * const host = conn->bits.socksproxy ?
3921 &conn->socks_proxy.host : &conn->http_proxy.host;
3924 rc = Curl_resolv_timeout(conn, host->name, (int)conn->port,
3925 &hostaddr, timeout_ms);
3927 if(rc == CURLRESOLV_PENDING)
3930 else if(rc == CURLRESOLV_TIMEDOUT)
3931 result = CURLE_OPERATION_TIMEDOUT;
3933 else if(!hostaddr) {
3934 failf(data, "Couldn't resolve proxy '%s'", host->dispname);
3935 result = CURLE_COULDNT_RESOLVE_PROXY;
3936 /* don't return yet, we need to clean up the timeout first */
3939 DEBUGASSERT(conn->dns_entry == NULL);
3940 conn->dns_entry = hostaddr;
3947 * Cleanup the connection just allocated before we can move along and use the
3948 * previously existing one. All relevant data is copied over and old_conn is
3949 * ready for freeing once this function returns.
3951 static void reuse_conn(struct connectdata *old_conn,
3952 struct connectdata *conn)
3954 free_fixed_hostname(&old_conn->http_proxy.host);
3955 free_fixed_hostname(&old_conn->socks_proxy.host);
3957 free(old_conn->http_proxy.host.rawalloc);
3958 free(old_conn->socks_proxy.host.rawalloc);
3960 /* free the SSL config struct from this connection struct as this was
3961 allocated in vain and is targeted for destruction */
3962 Curl_free_primary_ssl_config(&old_conn->ssl_config);
3963 Curl_free_primary_ssl_config(&old_conn->proxy_ssl_config);
3965 conn->data = old_conn->data;
3967 /* get the user+password information from the old_conn struct since it may
3968 * be new for this request even when we re-use an existing connection */
3969 conn->bits.user_passwd = old_conn->bits.user_passwd;
3970 if(conn->bits.user_passwd) {
3971 /* use the new user name and password though */
3972 Curl_safefree(conn->user);
3973 Curl_safefree(conn->passwd);
3974 conn->user = old_conn->user;
3975 conn->passwd = old_conn->passwd;
3976 old_conn->user = NULL;
3977 old_conn->passwd = NULL;
3980 conn->bits.proxy_user_passwd = old_conn->bits.proxy_user_passwd;
3981 if(conn->bits.proxy_user_passwd) {
3982 /* use the new proxy user name and proxy password though */
3983 Curl_safefree(conn->http_proxy.user);
3984 Curl_safefree(conn->socks_proxy.user);
3985 Curl_safefree(conn->http_proxy.passwd);
3986 Curl_safefree(conn->socks_proxy.passwd);
3987 conn->http_proxy.user = old_conn->http_proxy.user;
3988 conn->socks_proxy.user = old_conn->socks_proxy.user;
3989 conn->http_proxy.passwd = old_conn->http_proxy.passwd;
3990 conn->socks_proxy.passwd = old_conn->socks_proxy.passwd;
3991 old_conn->http_proxy.user = NULL;
3992 old_conn->socks_proxy.user = NULL;
3993 old_conn->http_proxy.passwd = NULL;
3994 old_conn->socks_proxy.passwd = NULL;
3997 /* host can change, when doing keepalive with a proxy or if the case is
3998 different this time etc */
3999 free_fixed_hostname(&conn->host);
4000 free_fixed_hostname(&conn->conn_to_host);
4001 Curl_safefree(conn->host.rawalloc);
4002 Curl_safefree(conn->conn_to_host.rawalloc);
4003 conn->host = old_conn->host;
4004 conn->conn_to_host = old_conn->conn_to_host;
4005 conn->conn_to_port = old_conn->conn_to_port;
4006 conn->remote_port = old_conn->remote_port;
4008 /* persist connection info in session handle */
4009 Curl_persistconninfo(conn);
4011 conn_reset_all_postponed_data(old_conn); /* free buffers */
4014 conn->bits.reuse = TRUE; /* yes, we're re-using here */
4016 Curl_safefree(old_conn->user);
4017 Curl_safefree(old_conn->passwd);
4018 Curl_safefree(old_conn->http_proxy.user);
4019 Curl_safefree(old_conn->socks_proxy.user);
4020 Curl_safefree(old_conn->http_proxy.passwd);
4021 Curl_safefree(old_conn->socks_proxy.passwd);
4022 Curl_safefree(old_conn->localdev);
4024 Curl_llist_destroy(&old_conn->send_pipe, NULL);
4025 Curl_llist_destroy(&old_conn->recv_pipe, NULL);
4027 Curl_safefree(old_conn->master_buffer);
4029 #ifdef USE_UNIX_SOCKETS
4030 Curl_safefree(old_conn->unix_domain_socket);
4035 * create_conn() sets up a new connectdata struct, or re-uses an already
4036 * existing one, and resolves host name.
4038 * if this function returns CURLE_OK and *async is set to TRUE, the resolve
4039 * response will be coming asynchronously. If *async is FALSE, the name is
4042 * @param data The sessionhandle pointer
4043 * @param in_connect is set to the next connection data pointer
4044 * @param async is set TRUE when an async DNS resolution is pending
4045 * @see Curl_setup_conn()
4047 * *NOTE* this function assigns the conn->data pointer!
4050 static CURLcode create_conn(struct Curl_easy *data,
4051 struct connectdata **in_connect,
4054 CURLcode result = CURLE_OK;
4055 struct connectdata *conn;
4056 struct connectdata *conn_temp = NULL;
4059 char *passwd = NULL;
4060 char *options = NULL;
4062 bool prot_missing = FALSE;
4063 bool connections_available = TRUE;
4064 bool force_reuse = FALSE;
4065 bool waitpipe = FALSE;
4066 size_t max_host_connections = Curl_multi_max_host_connections(data->multi);
4067 size_t max_total_connections = Curl_multi_max_total_connections(data->multi);
4071 /*************************************************************
4073 *************************************************************/
4075 if(!data->change.url) {
4076 result = CURLE_URL_MALFORMAT;
4080 /* First, split up the current URL in parts so that we can use the
4081 parts for checking against the already present connections. In order
4082 to not have to modify everything at once, we allocate a temporary
4083 connection data struct and fill in for comparison purposes. */
4084 conn = allocate_conn(data);
4087 result = CURLE_OUT_OF_MEMORY;
4091 /* We must set the return variable as soon as possible, so that our
4092 parent can cleanup any possible allocs we may have done before
4096 /* This initing continues below, see the comment "Continue connectdata
4097 * initialization here" */
4099 /***********************************************************
4100 * We need to allocate memory to store the path in. We get the size of the
4101 * full URL to be sure, and we need to make it at least 256 bytes since
4102 * other parts of the code will rely on this fact
4103 ***********************************************************/
4104 #define LEAST_PATH_ALLOC 256
4105 urllen = strlen(data->change.url);
4106 if(urllen < LEAST_PATH_ALLOC)
4107 urllen = LEAST_PATH_ALLOC;
4110 * We malloc() the buffers below urllen+2 to make room for 2 possibilities:
4111 * 1 - an extra terminating zero
4112 * 2 - an extra slash (in case a syntax like "www.host.com?moo" is used)
4115 Curl_safefree(data->state.pathbuffer);
4116 data->state.path = NULL;
4118 data->state.pathbuffer = malloc(urllen + 2);
4119 if(NULL == data->state.pathbuffer) {
4120 result = CURLE_OUT_OF_MEMORY; /* really bad error */
4123 data->state.path = data->state.pathbuffer;
4125 conn->host.rawalloc = malloc(urllen + 2);
4126 if(NULL == conn->host.rawalloc) {
4127 Curl_safefree(data->state.pathbuffer);
4128 data->state.path = NULL;
4129 result = CURLE_OUT_OF_MEMORY;
4133 conn->host.name = conn->host.rawalloc;
4134 conn->host.name[0] = 0;
4137 passwd = strdup("");
4138 options = strdup("");
4139 if(!user || !passwd || !options) {
4140 result = CURLE_OUT_OF_MEMORY;
4144 result = parseurlandfillconn(data, conn, &prot_missing, &user, &passwd,
4149 /*************************************************************
4150 * No protocol part in URL was used, add it!
4151 *************************************************************/
4153 /* We're guessing prefixes here and if we're told to use a proxy or if
4154 we're going to follow a Location: later or... then we need the protocol
4155 part added so that we have a valid URL. */
4159 reurl = aprintf("%s://%s", conn->handler->scheme, data->change.url);
4162 result = CURLE_OUT_OF_MEMORY;
4166 /* Change protocol prefix to lower-case */
4167 for(ch_lower = reurl; *ch_lower != ':'; ch_lower++)
4168 *ch_lower = (char)TOLOWER(*ch_lower);
4170 if(data->change.url_alloc) {
4171 Curl_safefree(data->change.url);
4172 data->change.url_alloc = FALSE;
4175 data->change.url = reurl;
4176 data->change.url_alloc = TRUE; /* free this later */
4179 /*************************************************************
4180 * If the protocol can't handle url query strings, then cut
4181 * off the unhandable part
4182 *************************************************************/
4183 if((conn->given->flags&PROTOPT_NOURLQUERY)) {
4184 char *path_q_sep = strchr(conn->data->state.path, '?');
4186 /* according to rfc3986, allow the query (?foo=bar)
4187 also on protocols that can't handle it.
4189 cut the string-part after '?'
4192 /* terminate the string */
4197 if(data->set.str[STRING_BEARER]) {
4198 conn->oauth_bearer = strdup(data->set.str[STRING_BEARER]);
4199 if(!conn->oauth_bearer) {
4200 result = CURLE_OUT_OF_MEMORY;
4205 #ifdef USE_UNIX_SOCKETS
4206 if(data->set.str[STRING_UNIX_SOCKET_PATH]) {
4207 conn->unix_domain_socket = strdup(data->set.str[STRING_UNIX_SOCKET_PATH]);
4208 if(conn->unix_domain_socket == NULL) {
4209 result = CURLE_OUT_OF_MEMORY;
4212 conn->abstract_unix_socket = data->set.abstract_unix_socket;
4216 /* After the unix socket init but before the proxy vars are used, parse and
4217 initialize the proxy vars */
4218 #ifndef CURL_DISABLE_PROXY
4219 result = create_conn_helper_init_proxy(conn);
4224 /*************************************************************
4225 * If the protocol is using SSL and HTTP proxy is used, we set
4226 * the tunnel_proxy bit.
4227 *************************************************************/
4228 if((conn->given->flags&PROTOPT_SSL) && conn->bits.httpproxy)
4229 conn->bits.tunnel_proxy = TRUE;
4231 /*************************************************************
4232 * Figure out the remote port number and fix it in the URL
4233 *************************************************************/
4234 result = parse_remote_port(data, conn);
4238 /* Check for overridden login details and set them accordingly so they
4239 they are known when protocol->setup_connection is called! */
4240 result = override_login(data, conn, &user, &passwd, &options);
4243 result = set_login(conn, user, passwd, options);
4247 /*************************************************************
4248 * Process the "connect to" linked list of hostname/port mappings.
4249 * Do this after the remote port number has been fixed in the URL.
4250 *************************************************************/
4251 result = parse_connect_to_slist(data, conn, data->set.connect_to);
4255 /*************************************************************
4256 * IDN-fix the hostnames
4257 *************************************************************/
4258 result = fix_hostname(conn, &conn->host);
4261 if(conn->bits.conn_to_host) {
4262 result = fix_hostname(conn, &conn->conn_to_host);
4266 if(conn->bits.httpproxy) {
4267 result = fix_hostname(conn, &conn->http_proxy.host);
4271 if(conn->bits.socksproxy) {
4272 result = fix_hostname(conn, &conn->socks_proxy.host);
4277 /*************************************************************
4278 * Check whether the host and the "connect to host" are equal.
4279 * Do this after the hostnames have been IDN-fixed.
4280 *************************************************************/
4281 if(conn->bits.conn_to_host &&
4282 strcasecompare(conn->conn_to_host.name, conn->host.name)) {
4283 conn->bits.conn_to_host = FALSE;
4286 /*************************************************************
4287 * Check whether the port and the "connect to port" are equal.
4288 * Do this after the remote port number has been fixed in the URL.
4289 *************************************************************/
4290 if(conn->bits.conn_to_port && conn->conn_to_port == conn->remote_port) {
4291 conn->bits.conn_to_port = FALSE;
4294 /*************************************************************
4295 * If the "connect to" feature is used with an HTTP proxy,
4296 * we set the tunnel_proxy bit.
4297 *************************************************************/
4298 if((conn->bits.conn_to_host || conn->bits.conn_to_port) &&
4299 conn->bits.httpproxy)
4300 conn->bits.tunnel_proxy = TRUE;
4302 /*************************************************************
4303 * Setup internals depending on protocol. Needs to be done after
4304 * we figured out what/if proxy to use.
4305 *************************************************************/
4306 result = setup_connection_internals(conn);
4310 conn->recv[FIRSTSOCKET] = Curl_recv_plain;
4311 conn->send[FIRSTSOCKET] = Curl_send_plain;
4312 conn->recv[SECONDARYSOCKET] = Curl_recv_plain;
4313 conn->send[SECONDARYSOCKET] = Curl_send_plain;
4315 conn->bits.tcp_fastopen = data->set.tcp_fastopen;
4317 /***********************************************************************
4318 * file: is a special case in that it doesn't need a network connection
4319 ***********************************************************************/
4320 #ifndef CURL_DISABLE_FILE
4321 if(conn->handler->flags & PROTOPT_NONETWORK) {
4323 /* this is supposed to be the connect function so we better at least check
4324 that the file is present here! */
4325 DEBUGASSERT(conn->handler->connect_it);
4326 result = conn->handler->connect_it(conn, &done);
4328 /* Setup a "faked" transfer that'll do nothing */
4331 conn->bits.tcpconnect[FIRSTSOCKET] = TRUE; /* we are "connected */
4333 Curl_conncache_add_conn(data->state.conn_cache, conn);
4336 * Setup whatever necessary for a resumed transfer
4338 result = setup_range(data);
4340 DEBUGASSERT(conn->handler->done);
4341 /* we ignore the return code for the protocol-specific DONE */
4342 (void)conn->handler->done(conn, result, FALSE);
4346 Curl_setup_transfer(conn, -1, -1, FALSE, NULL, /* no download */
4347 -1, NULL); /* no upload */
4350 /* since we skip do_init() */
4351 Curl_init_do(data, conn);
4357 /* Get a cloned copy of the SSL config situation stored in the
4358 connection struct. But to get this going nicely, we must first make
4359 sure that the strings in the master copy are pointing to the correct
4360 strings in the session handle strings array!
4362 Keep in mind that the pointers in the master copy are pointing to strings
4363 that will be freed as part of the Curl_easy struct, but all cloned
4364 copies will be separately allocated.
4366 data->set.ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH_ORIG];
4367 data->set.proxy_ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH_PROXY];
4368 data->set.ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE_ORIG];
4369 data->set.proxy_ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE_PROXY];
4370 data->set.ssl.primary.random_file = data->set.str[STRING_SSL_RANDOM_FILE];
4371 data->set.proxy_ssl.primary.random_file =
4372 data->set.str[STRING_SSL_RANDOM_FILE];
4373 data->set.ssl.primary.egdsocket = data->set.str[STRING_SSL_EGDSOCKET];
4374 data->set.proxy_ssl.primary.egdsocket = data->set.str[STRING_SSL_EGDSOCKET];
4375 data->set.ssl.primary.cipher_list =
4376 data->set.str[STRING_SSL_CIPHER_LIST_ORIG];
4377 data->set.proxy_ssl.primary.cipher_list =
4378 data->set.str[STRING_SSL_CIPHER_LIST_PROXY];
4380 data->set.ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_ORIG];
4381 data->set.proxy_ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_PROXY];
4382 data->set.ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT_ORIG];
4383 data->set.proxy_ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT_PROXY];
4384 data->set.ssl.cert = data->set.str[STRING_CERT_ORIG];
4385 data->set.proxy_ssl.cert = data->set.str[STRING_CERT_PROXY];
4386 data->set.ssl.cert_type = data->set.str[STRING_CERT_TYPE_ORIG];
4387 data->set.proxy_ssl.cert_type = data->set.str[STRING_CERT_TYPE_PROXY];
4388 data->set.ssl.key = data->set.str[STRING_KEY_ORIG];
4389 data->set.proxy_ssl.key = data->set.str[STRING_KEY_PROXY];
4390 data->set.ssl.key_type = data->set.str[STRING_KEY_TYPE_ORIG];
4391 data->set.proxy_ssl.key_type = data->set.str[STRING_KEY_TYPE_PROXY];
4392 data->set.ssl.key_passwd = data->set.str[STRING_KEY_PASSWD_ORIG];
4393 data->set.proxy_ssl.key_passwd = data->set.str[STRING_KEY_PASSWD_PROXY];
4394 data->set.ssl.primary.clientcert = data->set.str[STRING_CERT_ORIG];
4395 data->set.proxy_ssl.primary.clientcert = data->set.str[STRING_CERT_PROXY];
4397 data->set.ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_ORIG];
4398 data->set.proxy_ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_PROXY];
4399 data->set.ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_ORIG];
4400 data->set.proxy_ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_PROXY];
4403 if(!Curl_clone_primary_ssl_config(&data->set.ssl.primary,
4404 &conn->ssl_config)) {
4405 result = CURLE_OUT_OF_MEMORY;
4409 if(!Curl_clone_primary_ssl_config(&data->set.proxy_ssl.primary,
4410 &conn->proxy_ssl_config)) {
4411 result = CURLE_OUT_OF_MEMORY;
4415 prune_dead_connections(data);
4417 /*************************************************************
4418 * Check the current list of connections to see if we can
4419 * re-use an already existing one or if we have to create a
4421 *************************************************************/
4423 /* reuse_fresh is TRUE if we are told to use a new connection by force, but
4424 we only acknowledge this option if this is not a re-used connection
4425 already (which happens due to follow-location or during a HTTP
4426 authentication phase). */
4427 if(data->set.reuse_fresh && !data->state.this_is_a_follow)
4430 reuse = ConnectionExists(data, conn, &conn_temp, &force_reuse, &waitpipe);
4432 /* If we found a reusable connection that is now marked as in use, we may
4433 still want to open a new connection if we are pipelining. */
4434 if(reuse && !force_reuse && IsPipeliningPossible(data, conn_temp)) {
4435 size_t pipelen = conn_temp->send_pipe.size + conn_temp->recv_pipe.size;
4437 infof(data, "Found connection %ld, with requests in the pipe (%zu)\n",
4438 conn_temp->connection_id, pipelen);
4440 if(Curl_conncache_bundle_size(conn_temp) < max_host_connections &&
4441 Curl_conncache_size(data) < max_total_connections) {
4442 /* We want a new connection anyway */
4445 infof(data, "We can reuse, but we want a new connection anyway\n");
4446 Curl_conncache_return_conn(conn_temp);
4453 * We already have a connection for this, we got the former connection
4454 * in the conn_temp variable and thus we need to cleanup the one we
4455 * just allocated before we can move along and use the previously
4458 reuse_conn(conn, conn_temp);
4460 free(conn->ssl_extra);
4462 free(conn); /* we don't need this anymore */
4466 infof(data, "Re-using existing connection! (#%ld) with %s %s\n",
4467 conn->connection_id,
4468 conn->bits.proxy?"proxy":"host",
4469 conn->socks_proxy.host.name ? conn->socks_proxy.host.dispname :
4470 conn->http_proxy.host.name ? conn->http_proxy.host.dispname :
4471 conn->host.dispname);
4474 /* We have decided that we want a new connection. However, we may not
4475 be able to do that if we have reached the limit of how many
4476 connections we are allowed to open. */
4478 if(conn->handler->flags & PROTOPT_ALPN_NPN) {
4479 /* The protocol wants it, so set the bits if enabled in the easy handle
4481 if(data->set.ssl_enable_alpn)
4482 conn->bits.tls_enable_alpn = TRUE;
4483 if(data->set.ssl_enable_npn)
4484 conn->bits.tls_enable_npn = TRUE;
4488 /* There is a connection that *might* become usable for pipelining
4489 "soon", and we wait for that */
4490 connections_available = FALSE;
4492 /* this gets a lock on the conncache */
4493 struct connectbundle *bundle =
4494 Curl_conncache_find_bundle(conn, data->state.conn_cache);
4496 if(max_host_connections > 0 && bundle &&
4497 (bundle->num_connections >= max_host_connections)) {
4498 struct connectdata *conn_candidate;
4500 /* The bundle is full. Extract the oldest connection. */
4501 conn_candidate = Curl_conncache_extract_bundle(data, bundle);
4502 Curl_conncache_unlock(conn);
4504 if(conn_candidate) {
4505 /* Set the connection's owner correctly, then kill it */
4506 conn_candidate->data = data;
4507 (void)Curl_disconnect(conn_candidate, /* dead_connection */ FALSE);
4510 infof(data, "No more connections allowed to host: %d\n",
4511 max_host_connections);
4512 connections_available = FALSE;
4516 Curl_conncache_unlock(conn);
4520 if(connections_available &&
4521 (max_total_connections > 0) &&
4522 (Curl_conncache_size(data) >= max_total_connections)) {
4523 struct connectdata *conn_candidate;
4525 /* The cache is full. Let's see if we can kill a connection. */
4526 conn_candidate = Curl_conncache_extract_oldest(data);
4528 if(conn_candidate) {
4529 /* Set the connection's owner correctly, then kill it */
4530 conn_candidate->data = data;
4531 (void)Curl_disconnect(conn_candidate, /* dead_connection */ FALSE);
4534 infof(data, "No connections available in cache\n");
4535 connections_available = FALSE;
4539 if(!connections_available) {
4540 infof(data, "No connections available.\n");
4545 result = CURLE_NO_CONNECTION_AVAILABLE;
4549 /* Mark the connection as used, before we add it */
4553 * This is a brand new connection, so let's store it in the connection
4556 Curl_conncache_add_conn(data->state.conn_cache, conn);
4559 #if defined(USE_NTLM)
4560 /* If NTLM is requested in a part of this connection, make sure we don't
4561 assume the state is fine as this is a fresh connection and NTLM is
4562 connection based. */
4563 if((data->state.authhost.picked & (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
4564 data->state.authhost.done) {
4565 infof(data, "NTLM picked AND auth done set, clear picked!\n");
4566 data->state.authhost.picked = CURLAUTH_NONE;
4567 data->state.authhost.done = FALSE;
4570 if((data->state.authproxy.picked & (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
4571 data->state.authproxy.done) {
4572 infof(data, "NTLM-proxy picked AND auth done set, clear picked!\n");
4573 data->state.authproxy.picked = CURLAUTH_NONE;
4574 data->state.authproxy.done = FALSE;
4579 /* Setup and init stuff before DO starts, in preparing for the transfer. */
4580 Curl_init_do(data, conn);
4583 * Setup whatever necessary for a resumed transfer
4585 result = setup_range(data);
4589 /* Continue connectdata initialization here. */
4592 * Inherit the proper values from the urldata struct AFTER we have arranged
4593 * the persistent connection stuff
4595 conn->seek_func = data->set.seek_func;
4596 conn->seek_client = data->set.seek_client;
4598 /*************************************************************
4599 * Resolve the address of the server or proxy
4600 *************************************************************/
4601 result = resolve_server(data, conn, async);
4611 /* Curl_setup_conn() is called after the name resolve initiated in
4612 * create_conn() is all done.
4614 * Curl_setup_conn() also handles reused connections
4616 * conn->data MUST already have been setup fine (in create_conn)
4619 CURLcode Curl_setup_conn(struct connectdata *conn,
4620 bool *protocol_done)
4622 CURLcode result = CURLE_OK;
4623 struct Curl_easy *data = conn->data;
4625 Curl_pgrsTime(data, TIMER_NAMELOOKUP);
4627 if(conn->handler->flags & PROTOPT_NONETWORK) {
4628 /* nothing to setup when not using a network */
4629 *protocol_done = TRUE;
4632 *protocol_done = FALSE; /* default to not done */
4634 /* set proxy_connect_closed to false unconditionally already here since it
4635 is used strictly to provide extra information to a parent function in the
4636 case of proxy CONNECT failures and we must make sure we don't have it
4637 lingering set from a previous invoke */
4638 conn->bits.proxy_connect_closed = FALSE;
4641 * Set user-agent. Used for HTTP, but since we can attempt to tunnel
4642 * basically anything through a http proxy we can't limit this based on
4645 if(data->set.str[STRING_USERAGENT]) {
4646 Curl_safefree(conn->allocptr.uagent);
4647 conn->allocptr.uagent =
4648 aprintf("User-Agent: %s\r\n", data->set.str[STRING_USERAGENT]);
4649 if(!conn->allocptr.uagent)
4650 return CURLE_OUT_OF_MEMORY;
4653 data->req.headerbytecount = 0;
4655 #ifdef CURL_DO_LINEEND_CONV
4656 data->state.crlf_conversions = 0; /* reset CRLF conversion counter */
4657 #endif /* CURL_DO_LINEEND_CONV */
4659 /* set start time here for timeout purposes in the connect procedure, it
4660 is later set again for the progress meter purpose */
4661 conn->now = Curl_now();
4663 if(CURL_SOCKET_BAD == conn->sock[FIRSTSOCKET]) {
4664 conn->bits.tcpconnect[FIRSTSOCKET] = FALSE;
4665 result = Curl_connecthost(conn, conn->dns_entry);
4670 Curl_pgrsTime(data, TIMER_CONNECT); /* we're connected already */
4671 Curl_pgrsTime(data, TIMER_APPCONNECT); /* we're connected already */
4672 conn->bits.tcpconnect[FIRSTSOCKET] = TRUE;
4673 *protocol_done = TRUE;
4674 Curl_updateconninfo(conn, conn->sock[FIRSTSOCKET]);
4675 Curl_verboseconnect(conn);
4678 conn->now = Curl_now(); /* time this *after* the connect is done, we set
4679 this here perhaps a second time */
4683 CURLcode Curl_connect(struct Curl_easy *data,
4684 struct connectdata **in_connect,
4686 bool *protocol_done)
4690 *asyncp = FALSE; /* assume synchronous resolves by default */
4692 /* call the stuff that needs to be called */
4693 result = create_conn(data, in_connect, asyncp);
4697 if((*in_connect)->send_pipe.size || (*in_connect)->recv_pipe.size)
4699 *protocol_done = TRUE;
4701 /* DNS resolution is done: that's either because this is a reused
4702 connection, in which case DNS was unnecessary, or because DNS
4703 really did finish already (synch resolver/fast async resolve) */
4704 result = Curl_setup_conn(*in_connect, protocol_done);
4708 if(result == CURLE_NO_CONNECTION_AVAILABLE) {
4713 if(result && *in_connect) {
4714 /* We're not allowed to return failure with memory left allocated
4715 in the connectdata struct, free those here */
4716 Curl_disconnect(*in_connect, FALSE); /* close the connection */
4717 *in_connect = NULL; /* return a NULL */
4724 * Curl_init_do() inits the readwrite session. This is inited each time (in
4725 * the DO function before the protocol-specific DO functions are invoked) for
4726 * a transfer, sometimes multiple times on the same Curl_easy. Make sure
4727 * nothing in here depends on stuff that are setup dynamically for the
4730 * Allow this function to get called with 'conn' set to NULL.
4733 CURLcode Curl_init_do(struct Curl_easy *data, struct connectdata *conn)
4735 struct SingleRequest *k = &data->req;
4737 conn->bits.do_more = FALSE; /* by default there's no curl_do_more() to
4740 data->state.done = FALSE; /* *_done() is not called yet */
4741 data->state.expect100header = FALSE;
4743 /* if the protocol used doesn't support wildcards, switch it off */
4744 if(data->state.wildcardmatch &&
4745 !(conn->handler->flags & PROTOPT_WILDCARD))
4746 data->state.wildcardmatch = FALSE;
4748 if(data->set.opt_no_body)
4749 /* in HTTP lingo, no body means using the HEAD request... */
4750 data->set.httpreq = HTTPREQ_HEAD;
4751 else if(HTTPREQ_HEAD == data->set.httpreq)
4752 /* ... but if unset there really is no perfect method that is the
4753 "opposite" of HEAD but in reality most people probably think GET
4754 then. The important thing is that we can't let it remain HEAD if the
4755 opt_no_body is set FALSE since then we'll behave wrong when getting
4757 data->set.httpreq = HTTPREQ_GET;
4759 k->start = Curl_now(); /* start time */
4760 k->now = k->start; /* current time is now */
4761 k->header = TRUE; /* assume header */
4765 k->buf = data->state.buffer;
4766 k->hbufp = data->state.headerbuff;
4767 k->ignorebody = FALSE;
4769 Curl_speedinit(data);
4771 Curl_pgrsSetUploadCounter(data, 0);
4772 Curl_pgrsSetDownloadCounter(data, 0);
4778 * get_protocol_family()
4780 * This is used to return the protocol family for a given protocol.
4784 * protocol [in] - A single bit protocol identifier such as HTTP or HTTPS.
4786 * Returns the family as a single bit protocol identifier.
4789 static unsigned int get_protocol_family(unsigned int protocol)
4791 unsigned int family;
4794 case CURLPROTO_HTTP:
4795 case CURLPROTO_HTTPS:
4796 family = CURLPROTO_HTTP;
4800 case CURLPROTO_FTPS:
4801 family = CURLPROTO_FTP;
4805 family = CURLPROTO_SCP;
4808 case CURLPROTO_SFTP:
4809 family = CURLPROTO_SFTP;
4812 case CURLPROTO_TELNET:
4813 family = CURLPROTO_TELNET;
4816 case CURLPROTO_LDAP:
4817 case CURLPROTO_LDAPS:
4818 family = CURLPROTO_LDAP;
4821 case CURLPROTO_DICT:
4822 family = CURLPROTO_DICT;
4825 case CURLPROTO_FILE:
4826 family = CURLPROTO_FILE;
4829 case CURLPROTO_TFTP:
4830 family = CURLPROTO_TFTP;
4833 case CURLPROTO_IMAP:
4834 case CURLPROTO_IMAPS:
4835 family = CURLPROTO_IMAP;
4838 case CURLPROTO_POP3:
4839 case CURLPROTO_POP3S:
4840 family = CURLPROTO_POP3;
4843 case CURLPROTO_SMTP:
4844 case CURLPROTO_SMTPS:
4845 family = CURLPROTO_SMTP;
4848 case CURLPROTO_RTSP:
4849 family = CURLPROTO_RTSP;
4852 case CURLPROTO_RTMP:
4853 case CURLPROTO_RTMPS:
4854 family = CURLPROTO_RTMP;
4857 case CURLPROTO_RTMPT:
4858 case CURLPROTO_RTMPTS:
4859 family = CURLPROTO_RTMPT;
4862 case CURLPROTO_RTMPE:
4863 family = CURLPROTO_RTMPE;
4866 case CURLPROTO_RTMPTE:
4867 family = CURLPROTO_RTMPTE;
4870 case CURLPROTO_GOPHER:
4871 family = CURLPROTO_GOPHER;
4875 case CURLPROTO_SMBS:
4876 family = CURLPROTO_SMB;
projects / platform / upstream / curl.git / blob