1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 ***************************************************************************/
23 #include "curl_setup.h"
25 #ifdef HAVE_NETINET_IN_H
26 #include <netinet/in.h>
31 #ifdef HAVE_ARPA_INET_H
32 #include <arpa/inet.h>
37 #ifdef HAVE_SYS_IOCTL_H
38 #include <sys/ioctl.h>
41 #ifdef HAVE_SYS_PARAM_H
42 #include <sys/param.h>
55 #error "We can't compile without socket() support!"
63 #elif defined(USE_WIN32_IDN)
64 /* prototype for curl_win32_idn_to_ascii() */
65 bool curl_win32_idn_to_ascii(const char *in, char **out);
66 #endif /* USE_LIBIDN2 */
73 #include "vtls/vtls.h"
84 #include "content_encoding.h"
85 #include "http_digest.h"
86 #include "http_negotiate.h"
90 #include "speedcheck.h"
92 #include "non-ascii.h"
93 #include "inet_pton.h"
96 /* And now for the protocols */
104 #include "curl_ldap.h"
109 #include "inet_ntop.h"
110 #include "http_ntlm.h"
111 #include "curl_ntlm_wb.h"
113 #include "curl_rtmp.h"
115 #include "http_proxy.h"
116 #include "conncache.h"
117 #include "multihandle.h"
118 #include "pipeline.h"
123 /* The last 3 #include files should be in this order */
124 #include "curl_printf.h"
125 #include "curl_memory.h"
126 #include "memdebug.h"
128 static void conn_free(struct connectdata *conn);
129 static void free_fixed_hostname(struct hostname *host);
130 static void signalPipeClose(struct curl_llist *pipeline, bool pipe_broke);
131 static CURLcode parse_url_login(struct Curl_easy *data,
132 struct connectdata *conn,
133 char **userptr, char **passwdptr,
135 static unsigned int get_protocol_family(unsigned int protocol);
137 /* Some parts of the code (e.g. chunked encoding) assume this buffer has at
138 * more than just a few bytes to play with. Don't let it become too small or
139 * bad things will happen.
141 #if READBUFFER_SIZE < READBUFFER_MIN
142 # error READBUFFER_SIZE is too small
150 static const struct Curl_handler * const protocols[] = {
152 #ifndef CURL_DISABLE_HTTP
156 #if defined(USE_SSL) && !defined(CURL_DISABLE_HTTP)
160 #ifndef CURL_DISABLE_FTP
164 #if defined(USE_SSL) && !defined(CURL_DISABLE_FTP)
168 #ifndef CURL_DISABLE_TELNET
169 &Curl_handler_telnet,
172 #ifndef CURL_DISABLE_DICT
176 #ifndef CURL_DISABLE_LDAP
178 #if !defined(CURL_DISABLE_LDAPS) && \
179 ((defined(USE_OPENLDAP) && defined(USE_SSL)) || \
180 (!defined(USE_OPENLDAP) && defined(HAVE_LDAP_SSL)))
185 #ifndef CURL_DISABLE_FILE
189 #ifndef CURL_DISABLE_TFTP
193 #if defined(USE_LIBSSH2) || defined(USE_LIBSSH)
197 #if defined(USE_LIBSSH2) || defined(USE_LIBSSH)
201 #ifndef CURL_DISABLE_IMAP
208 #ifndef CURL_DISABLE_POP3
215 #if !defined(CURL_DISABLE_SMB) && defined(USE_NTLM) && \
216 (CURL_SIZEOF_CURL_OFF_T > 4) && \
217 (!defined(USE_WINDOWS_SSPI) || defined(USE_WIN32_CRYPTO))
224 #ifndef CURL_DISABLE_SMTP
231 #ifndef CURL_DISABLE_RTSP
235 #ifndef CURL_DISABLE_GOPHER
236 &Curl_handler_gopher,
243 &Curl_handler_rtmpte,
245 &Curl_handler_rtmpts,
248 (struct Curl_handler *) NULL
252 * Dummy handler for undefined protocol schemes.
255 static const struct Curl_handler Curl_handler_dummy = {
256 "<no protocol>", /* scheme */
257 ZERO_NULL, /* setup_connection */
258 ZERO_NULL, /* do_it */
259 ZERO_NULL, /* done */
260 ZERO_NULL, /* do_more */
261 ZERO_NULL, /* connect_it */
262 ZERO_NULL, /* connecting */
263 ZERO_NULL, /* doing */
264 ZERO_NULL, /* proto_getsock */
265 ZERO_NULL, /* doing_getsock */
266 ZERO_NULL, /* domore_getsock */
267 ZERO_NULL, /* perform_getsock */
268 ZERO_NULL, /* disconnect */
269 ZERO_NULL, /* readwrite */
270 ZERO_NULL, /* connection_check */
273 PROTOPT_NONE /* flags */
276 void Curl_freeset(struct Curl_easy *data)
278 /* Free all dynamic strings stored in the data->set substructure. */
280 for(i = (enum dupstring)0; i < STRING_LAST; i++) {
281 Curl_safefree(data->set.str[i]);
284 if(data->change.referer_alloc) {
285 Curl_safefree(data->change.referer);
286 data->change.referer_alloc = FALSE;
288 data->change.referer = NULL;
289 if(data->change.url_alloc) {
290 Curl_safefree(data->change.url);
291 data->change.url_alloc = FALSE;
293 data->change.url = NULL;
295 Curl_mime_cleanpart(&data->set.mimepost);
299 * This is the internal function curl_easy_cleanup() calls. This should
300 * cleanup and free all resources associated with this sessionhandle.
302 * NOTE: if we ever add something that attempts to write to a socket or
303 * similar here, we must ignore SIGPIPE first. It is currently only done
304 * when curl_easy_perform() is invoked.
307 CURLcode Curl_close(struct Curl_easy *data)
309 struct Curl_multi *m;
314 Curl_expire_clear(data); /* shut off timers */
319 /* This handle is still part of a multi handle, take care of this first
320 and detach this handle from there. */
321 curl_multi_remove_handle(data->multi, data);
324 /* when curl_easy_perform() is used, it creates its own multi handle to
325 use and this is the one */
326 curl_multi_cleanup(data->multi_easy);
328 /* Destroy the timeout list that is held in the easy handle. It is
329 /normally/ done by curl_multi_remove_handle() but this is "just in
331 Curl_llist_destroy(&data->state.timeoutlist, NULL);
333 data->magic = 0; /* force a clear AFTER the possibly enforced removal from
334 the multi handle, since that function uses the magic
337 if(data->state.rangestringalloc)
338 free(data->state.range);
340 /* Free the pathbuffer */
341 Curl_safefree(data->state.pathbuffer);
342 data->state.path = NULL;
344 /* freed here just in case DONE wasn't called */
345 Curl_free_request_state(data);
347 /* Close down all open SSL info and sessions */
348 Curl_ssl_close_all(data);
349 Curl_safefree(data->state.first_host);
350 Curl_safefree(data->state.scratch);
351 Curl_ssl_free_certinfo(data);
353 /* Cleanup possible redirect junk */
354 free(data->req.newurl);
355 data->req.newurl = NULL;
357 if(data->change.referer_alloc) {
358 Curl_safefree(data->change.referer);
359 data->change.referer_alloc = FALSE;
361 data->change.referer = NULL;
363 if(data->change.url_alloc) {
364 Curl_safefree(data->change.url);
365 data->change.url_alloc = FALSE;
367 data->change.url = NULL;
369 Curl_safefree(data->state.buffer);
370 Curl_safefree(data->state.headerbuff);
372 Curl_flush_cookies(data, 1);
374 Curl_digest_cleanup(data);
376 Curl_safefree(data->info.contenttype);
377 Curl_safefree(data->info.wouldredirect);
379 /* this destroys the channel and we cannot use it anymore after this */
380 Curl_resolver_cleanup(data->state.resolver);
382 Curl_http2_cleanup_dependencies(data);
383 Curl_convert_close(data);
385 /* No longer a dirty share, if it exists */
387 Curl_share_lock(data, CURL_LOCK_DATA_SHARE, CURL_LOCK_ACCESS_SINGLE);
388 data->share->dirty--;
389 Curl_share_unlock(data, CURL_LOCK_DATA_SHARE);
392 /* destruct wildcard structures if it is needed */
393 Curl_wildcard_dtor(&data->wildcard);
400 * Initialize the UserDefined fields within a Curl_easy.
401 * This may be safely called on a new or existing Curl_easy.
403 CURLcode Curl_init_userdefined(struct Curl_easy *data)
405 struct UserDefined *set = &data->set;
406 CURLcode result = CURLE_OK;
408 set->out = stdout; /* default output to stdout */
409 set->in_set = stdin; /* default input from stdin */
410 set->err = stderr; /* default stderr to stderr */
412 /* use fwrite as default function to store output */
413 set->fwrite_func = (curl_write_callback)fwrite;
415 /* use fread as default function to read input */
416 set->fread_func_set = (curl_read_callback)fread;
417 set->is_fread_set = 0;
418 set->is_fwrite_set = 0;
420 set->seek_func = ZERO_NULL;
421 set->seek_client = ZERO_NULL;
423 /* conversion callbacks for non-ASCII hosts */
424 set->convfromnetwork = ZERO_NULL;
425 set->convtonetwork = ZERO_NULL;
426 set->convfromutf8 = ZERO_NULL;
428 set->filesize = -1; /* we don't know the size */
429 set->postfieldsize = -1; /* unknown size */
430 set->maxredirs = -1; /* allow any amount by default */
432 set->httpreq = HTTPREQ_GET; /* Default HTTP request */
433 set->rtspreq = RTSPREQ_OPTIONS; /* Default RTSP request */
434 set->ftp_use_epsv = TRUE; /* FTP defaults to EPSV operations */
435 set->ftp_use_eprt = TRUE; /* FTP defaults to EPRT operations */
436 set->ftp_use_pret = FALSE; /* mainly useful for drftpd servers */
437 set->ftp_filemethod = FTPFILE_MULTICWD;
439 set->dns_cache_timeout = 60; /* Timeout every 60 seconds by default */
441 /* Set the default size of the SSL session ID cache */
442 set->general_ssl.max_ssl_sessions = 5;
445 set->proxytype = CURLPROXY_HTTP; /* defaults to HTTP proxy */
446 set->httpauth = CURLAUTH_BASIC; /* defaults to basic */
447 set->proxyauth = CURLAUTH_BASIC; /* defaults to basic */
449 /* SOCKS5 proxy auth defaults to username/password + GSS-API */
450 set->socks5auth = CURLAUTH_BASIC | CURLAUTH_GSSAPI;
452 /* make libcurl quiet by default: */
453 set->hide_progress = TRUE; /* CURLOPT_NOPROGRESS changes these */
455 Curl_mime_initpart(&set->mimepost, data);
458 * libcurl 7.10 introduced SSL verification *by default*! This needs to be
459 * switched off unless wanted.
461 set->ssl.primary.verifypeer = TRUE;
462 set->ssl.primary.verifyhost = TRUE;
464 set->ssl.authtype = CURL_TLSAUTH_NONE;
466 set->ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
468 set->ssl.primary.sessionid = TRUE; /* session ID caching enabled by
470 set->proxy_ssl = set->ssl;
472 set->new_file_perms = 0644; /* Default permissions */
473 set->new_directory_perms = 0755; /* Default permissions */
475 /* for the *protocols fields we don't use the CURLPROTO_ALL convenience
476 define since we internally only use the lower 16 bits for the passed
477 in bitmask to not conflict with the private bits */
478 set->allowed_protocols = CURLPROTO_ALL;
479 set->redir_protocols = CURLPROTO_ALL & /* All except FILE, SCP and SMB */
480 ~(CURLPROTO_FILE | CURLPROTO_SCP | CURLPROTO_SMB |
483 #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
485 * disallow unprotected protection negotiation NEC reference implementation
486 * seem not to follow rfc1961 section 4.3/4.4
488 set->socks5_gssapi_nec = FALSE;
491 /* This is our preferred CA cert bundle/path since install time */
492 #if defined(CURL_CA_BUNDLE)
493 result = Curl_setstropt(&set->str[STRING_SSL_CAFILE_ORIG], CURL_CA_BUNDLE);
497 result = Curl_setstropt(&set->str[STRING_SSL_CAFILE_PROXY], CURL_CA_BUNDLE);
501 #if defined(CURL_CA_PATH)
502 result = Curl_setstropt(&set->str[STRING_SSL_CAPATH_ORIG], CURL_CA_PATH);
506 result = Curl_setstropt(&set->str[STRING_SSL_CAPATH_PROXY], CURL_CA_PATH);
511 set->wildcard_enabled = FALSE;
512 set->chunk_bgn = ZERO_NULL;
513 set->chunk_end = ZERO_NULL;
515 /* tcp keepalives are disabled by default, but provide reasonable values for
516 * the interval and idle times.
518 set->tcp_keepalive = FALSE;
519 set->tcp_keepintvl = 60;
520 set->tcp_keepidle = 60;
521 set->tcp_fastopen = FALSE;
522 set->tcp_nodelay = TRUE;
524 set->ssl_enable_npn = TRUE;
525 set->ssl_enable_alpn = TRUE;
527 set->expect_100_timeout = 1000L; /* Wait for a second by default. */
528 set->sep_headers = TRUE; /* separated header lists by default */
529 set->buffer_size = READBUFFER_SIZE;
530 set->happy_eyeballs_timeout = CURL_HET_DEFAULT;
532 Curl_http2_init_userset(set);
539 * @param curl is a pointer to a sessionhandle pointer that gets set by this
544 CURLcode Curl_open(struct Curl_easy **curl)
547 struct Curl_easy *data;
549 /* Very simple start-up: alloc the struct, init it with zeroes and return */
550 data = calloc(1, sizeof(struct Curl_easy));
552 /* this is a very serious error */
553 DEBUGF(fprintf(stderr, "Error: calloc of Curl_easy failed\n"));
554 return CURLE_OUT_OF_MEMORY;
557 data->magic = CURLEASY_MAGIC_NUMBER;
559 result = Curl_resolver_init(&data->state.resolver);
561 DEBUGF(fprintf(stderr, "Error: resolver_init failed\n"));
566 /* We do some initial setup here, all those fields that can't be just 0 */
568 data->state.buffer = malloc(READBUFFER_SIZE + 1);
569 if(!data->state.buffer) {
570 DEBUGF(fprintf(stderr, "Error: malloc of buffer failed\n"));
571 result = CURLE_OUT_OF_MEMORY;
574 data->state.headerbuff = malloc(HEADERSIZE);
575 if(!data->state.headerbuff) {
576 DEBUGF(fprintf(stderr, "Error: malloc of headerbuff failed\n"));
577 result = CURLE_OUT_OF_MEMORY;
580 result = Curl_init_userdefined(data);
582 data->state.headersize = HEADERSIZE;
583 Curl_convert_init(data);
586 /* most recent connection is not yet defined */
587 data->state.lastconnect = NULL;
589 data->progress.flags |= PGRS_HIDE;
590 data->state.current_speed = -1; /* init to negative == impossible */
591 data->set.fnmatch = ZERO_NULL;
592 data->set.maxconnects = DEFAULT_CONNCACHE_SIZE; /* for easy handles */
594 Curl_http2_init_state(&data->state);
599 Curl_resolver_cleanup(data->state.resolver);
600 free(data->state.buffer);
601 free(data->state.headerbuff);
612 #ifdef USE_RECV_BEFORE_SEND_WORKAROUND
613 static void conn_reset_postponed_data(struct connectdata *conn, int num)
615 struct postponed_data * const psnd = &(conn->postponed[num]);
617 DEBUGASSERT(psnd->allocated_size > 0);
618 DEBUGASSERT(psnd->recv_size <= psnd->allocated_size);
619 DEBUGASSERT(psnd->recv_size ?
620 (psnd->recv_processed < psnd->recv_size) :
621 (psnd->recv_processed == 0));
622 DEBUGASSERT(psnd->bindsock != CURL_SOCKET_BAD);
625 psnd->allocated_size = 0;
627 psnd->recv_processed = 0;
629 psnd->bindsock = CURL_SOCKET_BAD; /* used only for DEBUGASSERT */
630 #endif /* DEBUGBUILD */
633 DEBUGASSERT(psnd->allocated_size == 0);
634 DEBUGASSERT(psnd->recv_size == 0);
635 DEBUGASSERT(psnd->recv_processed == 0);
636 DEBUGASSERT(psnd->bindsock == CURL_SOCKET_BAD);
640 static void conn_reset_all_postponed_data(struct connectdata *conn)
642 conn_reset_postponed_data(conn, 0);
643 conn_reset_postponed_data(conn, 1);
645 #else /* ! USE_RECV_BEFORE_SEND_WORKAROUND */
646 /* Use "do-nothing" macro instead of function when workaround not used */
647 #define conn_reset_all_postponed_data(c) do {} WHILE_FALSE
648 #endif /* ! USE_RECV_BEFORE_SEND_WORKAROUND */
650 static void conn_free(struct connectdata *conn)
655 /* possible left-overs from the async name resolvers */
656 Curl_resolver_cancel(conn);
658 /* close the SSL stuff before we close any sockets since they will/may
659 write to the sockets */
660 Curl_ssl_close(conn, FIRSTSOCKET);
661 Curl_ssl_close(conn, SECONDARYSOCKET);
663 /* close possibly still open sockets */
664 if(CURL_SOCKET_BAD != conn->sock[SECONDARYSOCKET])
665 Curl_closesocket(conn, conn->sock[SECONDARYSOCKET]);
666 if(CURL_SOCKET_BAD != conn->sock[FIRSTSOCKET])
667 Curl_closesocket(conn, conn->sock[FIRSTSOCKET]);
668 if(CURL_SOCKET_BAD != conn->tempsock[0])
669 Curl_closesocket(conn, conn->tempsock[0]);
670 if(CURL_SOCKET_BAD != conn->tempsock[1])
671 Curl_closesocket(conn, conn->tempsock[1]);
673 #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \
674 defined(NTLM_WB_ENABLED)
675 Curl_ntlm_wb_cleanup(conn);
678 Curl_safefree(conn->user);
679 Curl_safefree(conn->passwd);
680 Curl_safefree(conn->oauth_bearer);
681 Curl_safefree(conn->options);
682 Curl_safefree(conn->http_proxy.user);
683 Curl_safefree(conn->socks_proxy.user);
684 Curl_safefree(conn->http_proxy.passwd);
685 Curl_safefree(conn->socks_proxy.passwd);
686 Curl_safefree(conn->allocptr.proxyuserpwd);
687 Curl_safefree(conn->allocptr.uagent);
688 Curl_safefree(conn->allocptr.userpwd);
689 Curl_safefree(conn->allocptr.accept_encoding);
690 Curl_safefree(conn->allocptr.te);
691 Curl_safefree(conn->allocptr.rangeline);
692 Curl_safefree(conn->allocptr.ref);
693 Curl_safefree(conn->allocptr.host);
694 Curl_safefree(conn->allocptr.cookiehost);
695 Curl_safefree(conn->allocptr.rtsp_transport);
696 Curl_safefree(conn->trailer);
697 Curl_safefree(conn->host.rawalloc); /* host name buffer */
698 Curl_safefree(conn->conn_to_host.rawalloc); /* host name buffer */
699 Curl_safefree(conn->secondaryhostname);
700 Curl_safefree(conn->http_proxy.host.rawalloc); /* http proxy name buffer */
701 Curl_safefree(conn->socks_proxy.host.rawalloc); /* socks proxy name buffer */
702 Curl_safefree(conn->master_buffer);
703 Curl_safefree(conn->connect_state);
705 conn_reset_all_postponed_data(conn);
707 Curl_llist_destroy(&conn->send_pipe, NULL);
708 Curl_llist_destroy(&conn->recv_pipe, NULL);
710 Curl_safefree(conn->localdev);
711 Curl_free_primary_ssl_config(&conn->ssl_config);
712 Curl_free_primary_ssl_config(&conn->proxy_ssl_config);
714 #ifdef USE_UNIX_SOCKETS
715 Curl_safefree(conn->unix_domain_socket);
719 Curl_safefree(conn->ssl_extra);
721 free(conn); /* free all the connection oriented data */
725 * Disconnects the given connection. Note the connection may not be the
726 * primary connection, like when freeing room in the connection cache or
727 * killing of a dead old connection.
729 * This function MUST NOT reset state in the Curl_easy struct if that
730 * isn't strictly bound to the life-time of *this* particular connection.
734 CURLcode Curl_disconnect(struct connectdata *conn, bool dead_connection)
736 struct Curl_easy *data;
738 return CURLE_OK; /* this is closed and fine already */
742 DEBUGF(fprintf(stderr, "DISCONNECT without easy handle, ignoring\n"));
747 * If this connection isn't marked to force-close, leave it open if there
748 * are other users of it
750 if(!conn->bits.close &&
751 (conn->send_pipe.size + conn->recv_pipe.size)) {
752 DEBUGF(infof(data, "Curl_disconnect, usecounter: %d\n",
753 conn->send_pipe.size + conn->recv_pipe.size));
757 if(conn->dns_entry != NULL) {
758 Curl_resolv_unlock(data, conn->dns_entry);
759 conn->dns_entry = NULL;
762 Curl_hostcache_prune(data); /* kill old DNS cache entries */
764 #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM)
765 /* Cleanup NTLM connection-related data */
766 Curl_http_ntlm_cleanup(conn);
769 if(conn->handler->disconnect)
770 /* This is set if protocol-specific cleanups should be made */
771 conn->handler->disconnect(conn, dead_connection);
773 /* unlink ourselves! */
774 infof(data, "Closing connection %ld\n", conn->connection_id);
775 Curl_conncache_remove_conn(conn, TRUE);
777 free_fixed_hostname(&conn->host);
778 free_fixed_hostname(&conn->conn_to_host);
779 free_fixed_hostname(&conn->http_proxy.host);
780 free_fixed_hostname(&conn->socks_proxy.host);
782 Curl_ssl_close(conn, FIRSTSOCKET);
784 /* Indicate to all handles on the pipe that we're dead */
785 if(Curl_pipeline_wanted(data->multi, CURLPIPE_ANY)) {
786 signalPipeClose(&conn->send_pipe, TRUE);
787 signalPipeClose(&conn->recv_pipe, TRUE);
796 * This function should return TRUE if the socket is to be assumed to
797 * be dead. Most commonly this happens when the server has closed the
798 * connection due to inactivity.
800 static bool SocketIsDead(curl_socket_t sock)
805 sval = SOCKET_READABLE(sock, 0);
814 * IsPipeliningPossible()
816 * Return a bitmask with the available pipelining and multiplexing options for
817 * the given requested connection.
819 static int IsPipeliningPossible(const struct Curl_easy *handle,
820 const struct connectdata *conn)
824 /* If a HTTP protocol and pipelining is enabled */
825 if((conn->handler->protocol & PROTO_FAMILY_HTTP) &&
826 (!conn->bits.protoconnstart || !conn->bits.close)) {
828 if(Curl_pipeline_wanted(handle->multi, CURLPIPE_HTTP1) &&
829 (handle->set.httpversion != CURL_HTTP_VERSION_1_0) &&
830 (handle->set.httpreq == HTTPREQ_GET ||
831 handle->set.httpreq == HTTPREQ_HEAD))
832 /* didn't ask for HTTP/1.0 and a GET or HEAD */
833 avail |= CURLPIPE_HTTP1;
835 if(Curl_pipeline_wanted(handle->multi, CURLPIPE_MULTIPLEX) &&
836 (handle->set.httpversion >= CURL_HTTP_VERSION_2))
838 avail |= CURLPIPE_MULTIPLEX;
843 int Curl_removeHandleFromPipeline(struct Curl_easy *handle,
844 struct curl_llist *pipeline)
847 struct curl_llist_element *curr;
849 curr = pipeline->head;
851 if(curr->ptr == handle) {
852 Curl_llist_remove(pipeline, curr, NULL);
853 return 1; /* we removed a handle */
862 #if 0 /* this code is saved here as it is useful for debugging purposes */
863 static void Curl_printPipeline(struct curl_llist *pipeline)
865 struct curl_llist_element *curr;
867 curr = pipeline->head;
869 struct Curl_easy *data = (struct Curl_easy *) curr->ptr;
870 infof(data, "Handle in pipeline: %s\n", data->state.path);
876 static struct Curl_easy* gethandleathead(struct curl_llist *pipeline)
878 struct curl_llist_element *curr = pipeline->head;
880 return (struct Curl_easy *) curr->ptr;
886 /* remove the specified connection from all (possible) pipelines and related
888 void Curl_getoff_all_pipelines(struct Curl_easy *data,
889 struct connectdata *conn)
891 bool recv_head = (conn->readchannel_inuse &&
892 Curl_recvpipe_head(data, conn));
893 bool send_head = (conn->writechannel_inuse &&
894 Curl_sendpipe_head(data, conn));
896 if(Curl_removeHandleFromPipeline(data, &conn->recv_pipe) && recv_head)
897 Curl_pipeline_leave_read(conn);
898 if(Curl_removeHandleFromPipeline(data, &conn->send_pipe) && send_head)
899 Curl_pipeline_leave_write(conn);
902 static void signalPipeClose(struct curl_llist *pipeline, bool pipe_broke)
904 struct curl_llist_element *curr;
909 curr = pipeline->head;
911 struct curl_llist_element *next = curr->next;
912 struct Curl_easy *data = (struct Curl_easy *) curr->ptr;
914 #ifdef DEBUGBUILD /* debug-only code */
915 if(data->magic != CURLEASY_MAGIC_NUMBER) {
917 infof(data, "signalPipeClose() found BAAD easy handle\n");
922 data->state.pipe_broke = TRUE;
923 Curl_multi_handlePipeBreak(data);
924 Curl_llist_remove(pipeline, curr, NULL);
930 proxy_info_matches(const struct proxy_info* data,
931 const struct proxy_info* needle)
933 if((data->proxytype == needle->proxytype) &&
934 (data->port == needle->port) &&
935 Curl_safe_strcasecompare(data->host.name, needle->host.name))
942 * This function checks if the given connection is dead and extracts it from
943 * the connection cache if so.
945 * When this is called as a Curl_conncache_foreach() callback, the connection
946 * cache lock is held!
948 * Returns TRUE if the connection was dead and extracted.
950 static bool extract_if_dead(struct connectdata *conn,
951 struct Curl_easy *data)
953 size_t pipeLen = conn->send_pipe.size + conn->recv_pipe.size;
954 if(!pipeLen && !conn->inuse) {
955 /* The check for a dead socket makes sense only if there are no
956 handles in pipeline and the connection isn't already marked in
960 if(conn->handler->connection_check) {
961 /* The protocol has a special method for checking the state of the
962 connection. Use it to check if the connection is dead. */
965 state = conn->handler->connection_check(conn, CONNCHECK_ISDEAD);
966 dead = (state & CONNRESULT_DEAD);
969 /* Use the general method for determining the death of a connection */
970 dead = SocketIsDead(conn->sock[FIRSTSOCKET]);
975 infof(data, "Connection %ld seems to be dead!\n", conn->connection_id);
976 Curl_conncache_remove_conn(conn, FALSE);
984 struct Curl_easy *data;
985 struct connectdata *extracted;
989 * Wrapper to use extract_if_dead() function in Curl_conncache_foreach()
992 static int call_extract_if_dead(struct connectdata *conn, void *param)
994 struct prunedead *p = (struct prunedead *)param;
995 if(extract_if_dead(conn, p->data)) {
996 /* stop the iteration here, pass back the connection that was extracted */
1000 return 0; /* continue iteration */
1004 * This function scans the connection cache for half-open/dead connections,
1005 * closes and removes them.
1006 * The cleanup is done at most once per second.
1008 static void prune_dead_connections(struct Curl_easy *data)
1010 struct curltime now = Curl_now();
1011 time_t elapsed = Curl_timediff(now, data->state.conn_cache->last_cleanup);
1013 if(elapsed >= 1000L) {
1014 struct prunedead prune;
1016 prune.extracted = NULL;
1017 while(Curl_conncache_foreach(data, data->state.conn_cache, &prune,
1018 call_extract_if_dead)) {
1020 (void)Curl_disconnect(prune.extracted, /* dead_connection */TRUE);
1022 data->state.conn_cache->last_cleanup = now;
1027 static size_t max_pipeline_length(struct Curl_multi *multi)
1029 return multi ? multi->max_pipeline_length : 0;
1034 * Given one filled in connection struct (named needle), this function should
1035 * detect if there already is one that has all the significant details
1036 * exactly the same and thus should be used instead.
1038 * If there is a match, this function returns TRUE - and has marked the
1039 * connection as 'in-use'. It must later be called with ConnectionDone() to
1040 * return back to 'idle' (unused) state.
1042 * The force_reuse flag is set if the connection must be used, even if
1043 * the pipelining strategy wants to open a new connection instead of reusing.
1046 ConnectionExists(struct Curl_easy *data,
1047 struct connectdata *needle,
1048 struct connectdata **usethis,
1052 struct connectdata *check;
1053 struct connectdata *chosen = 0;
1054 bool foundPendingCandidate = FALSE;
1055 int canpipe = IsPipeliningPossible(data, needle);
1056 struct connectbundle *bundle;
1059 bool wantNTLMhttp = ((data->state.authhost.want &
1060 (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
1061 (needle->handler->protocol & PROTO_FAMILY_HTTP));
1062 bool wantProxyNTLMhttp = (needle->bits.proxy_user_passwd &&
1063 ((data->state.authproxy.want &
1064 (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
1065 (needle->handler->protocol & PROTO_FAMILY_HTTP)));
1068 *force_reuse = FALSE;
1071 /* We can't pipeline if the site is blacklisted */
1072 if((canpipe & CURLPIPE_HTTP1) &&
1073 Curl_pipeline_site_blacklisted(data, needle))
1074 canpipe &= ~ CURLPIPE_HTTP1;
1076 /* Look up the bundle with all the connections to this particular host.
1077 Locks the connection cache, beware of early returns! */
1078 bundle = Curl_conncache_find_bundle(needle, data->state.conn_cache);
1080 /* Max pipe length is zero (unlimited) for multiplexed connections */
1081 size_t max_pipe_len = (bundle->multiuse != BUNDLE_MULTIPLEX)?
1082 max_pipeline_length(data->multi):0;
1083 size_t best_pipe_len = max_pipe_len;
1084 struct curl_llist_element *curr;
1086 infof(data, "Found bundle for host %s: %p [%s]\n",
1087 (needle->bits.conn_to_host ? needle->conn_to_host.name :
1088 needle->host.name), (void *)bundle,
1089 (bundle->multiuse == BUNDLE_PIPELINING ?
1091 (bundle->multiuse == BUNDLE_MULTIPLEX ?
1092 "can multiplex" : "serially")));
1094 /* We can't pipeline if we don't know anything about the server */
1096 if(bundle->multiuse <= BUNDLE_UNKNOWN) {
1097 if((bundle->multiuse == BUNDLE_UNKNOWN) && data->set.pipewait) {
1098 infof(data, "Server doesn't support multi-use yet, wait\n");
1100 Curl_conncache_unlock(needle);
1101 return FALSE; /* no re-use */
1104 infof(data, "Server doesn't support multi-use (yet)\n");
1107 if((bundle->multiuse == BUNDLE_PIPELINING) &&
1108 !Curl_pipeline_wanted(data->multi, CURLPIPE_HTTP1)) {
1109 /* not asked for, switch off */
1110 infof(data, "Could pipeline, but not asked to!\n");
1113 else if((bundle->multiuse == BUNDLE_MULTIPLEX) &&
1114 !Curl_pipeline_wanted(data->multi, CURLPIPE_MULTIPLEX)) {
1115 infof(data, "Could multiplex, but not asked to!\n");
1120 curr = bundle->conn_list.head;
1126 * Note that if we use a HTTP proxy in normal mode (no tunneling), we
1127 * check connections to that proxy and not to the actual remote server.
1132 if(extract_if_dead(check, data)) {
1134 (void)Curl_disconnect(check, /* dead_connection */TRUE);
1138 pipeLen = check->send_pipe.size + check->recv_pipe.size;
1141 if(check->bits.protoconnstart && check->bits.close)
1144 if(!check->bits.multiplex) {
1145 /* If not multiplexing, make sure the connection is fine for HTTP/1
1147 struct Curl_easy* sh = gethandleathead(&check->send_pipe);
1148 struct Curl_easy* rh = gethandleathead(&check->recv_pipe);
1150 if(!(IsPipeliningPossible(sh, check) & CURLPIPE_HTTP1))
1154 if(!(IsPipeliningPossible(rh, check) & CURLPIPE_HTTP1))
1161 /* can only happen within multi handles, and means that another easy
1162 handle is using this connection */
1166 if(Curl_resolver_asynch()) {
1167 /* ip_addr_str[0] is NUL only if the resolving of the name hasn't
1168 completed yet and until then we don't re-use this connection */
1169 if(!check->ip_addr_str[0]) {
1171 "Connection #%ld is still name resolving, can't reuse\n",
1172 check->connection_id);
1177 if((check->sock[FIRSTSOCKET] == CURL_SOCKET_BAD) ||
1178 check->bits.close) {
1179 if(!check->bits.close)
1180 foundPendingCandidate = TRUE;
1181 /* Don't pick a connection that hasn't connected yet or that is going
1183 infof(data, "Connection #%ld isn't open enough, can't reuse\n",
1184 check->connection_id);
1186 if(check->recv_pipe.size > 0) {
1188 "BAD! Unconnected #%ld has a non-empty recv pipeline!\n",
1189 check->connection_id);
1196 #ifdef USE_UNIX_SOCKETS
1197 if(needle->unix_domain_socket) {
1198 if(!check->unix_domain_socket)
1200 if(strcmp(needle->unix_domain_socket, check->unix_domain_socket))
1202 if(needle->abstract_unix_socket != check->abstract_unix_socket)
1205 else if(check->unix_domain_socket)
1209 if((needle->handler->flags&PROTOPT_SSL) !=
1210 (check->handler->flags&PROTOPT_SSL))
1211 /* don't do mixed SSL and non-SSL connections */
1212 if(get_protocol_family(check->handler->protocol) !=
1213 needle->handler->protocol || !check->tls_upgraded)
1214 /* except protocols that have been upgraded via TLS */
1217 if(needle->bits.httpproxy != check->bits.httpproxy ||
1218 needle->bits.socksproxy != check->bits.socksproxy)
1221 if(needle->bits.socksproxy && !proxy_info_matches(&needle->socks_proxy,
1222 &check->socks_proxy))
1225 if(needle->bits.conn_to_host != check->bits.conn_to_host)
1226 /* don't mix connections that use the "connect to host" feature and
1227 * connections that don't use this feature */
1230 if(needle->bits.conn_to_port != check->bits.conn_to_port)
1231 /* don't mix connections that use the "connect to port" feature and
1232 * connections that don't use this feature */
1235 if(needle->bits.httpproxy) {
1236 if(!proxy_info_matches(&needle->http_proxy, &check->http_proxy))
1239 if(needle->bits.tunnel_proxy != check->bits.tunnel_proxy)
1242 if(needle->http_proxy.proxytype == CURLPROXY_HTTPS) {
1243 /* use https proxy */
1244 if(needle->handler->flags&PROTOPT_SSL) {
1245 /* use double layer ssl */
1246 if(!Curl_ssl_config_matches(&needle->proxy_ssl_config,
1247 &check->proxy_ssl_config))
1249 if(check->proxy_ssl[FIRSTSOCKET].state != ssl_connection_complete)
1253 if(!Curl_ssl_config_matches(&needle->ssl_config,
1254 &check->ssl_config))
1256 if(check->ssl[FIRSTSOCKET].state != ssl_connection_complete)
1262 if(!canpipe && check->inuse)
1263 /* this request can't be pipelined but the checked connection is
1264 already in use so we skip it */
1267 if((check->inuse) && (check->data->multi != needle->data->multi))
1268 /* this could be subject for pipeline/multiplex use, but only
1269 if they belong to the same multi handle */
1272 if(needle->localdev || needle->localport) {
1273 /* If we are bound to a specific local end (IP+port), we must not
1274 re-use a random other one, although if we didn't ask for a
1275 particular one we can reuse one that was bound.
1277 This comparison is a bit rough and too strict. Since the input
1278 parameters can be specified in numerous ways and still end up the
1279 same it would take a lot of processing to make it really accurate.
1280 Instead, this matching will assume that re-uses of bound connections
1281 will most likely also re-use the exact same binding parameters and
1282 missing out a few edge cases shouldn't hurt anyone very much.
1284 if((check->localport != needle->localport) ||
1285 (check->localportrange != needle->localportrange) ||
1286 (needle->localdev &&
1287 (!check->localdev || strcmp(check->localdev, needle->localdev))))
1291 if(!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) {
1292 /* This protocol requires credentials per connection,
1293 so verify that we're using the same name and password as well */
1294 if(strcmp(needle->user, check->user) ||
1295 strcmp(needle->passwd, check->passwd)) {
1296 /* one of them was different */
1301 if(!needle->bits.httpproxy || (needle->handler->flags&PROTOPT_SSL) ||
1302 needle->bits.tunnel_proxy) {
1303 /* The requested connection does not use a HTTP proxy or it uses SSL or
1304 it is a non-SSL protocol tunneled or it is a non-SSL protocol which
1305 is allowed to be upgraded via TLS */
1307 if((strcasecompare(needle->handler->scheme, check->handler->scheme) ||
1308 (get_protocol_family(check->handler->protocol) ==
1309 needle->handler->protocol && check->tls_upgraded)) &&
1310 (!needle->bits.conn_to_host || strcasecompare(
1311 needle->conn_to_host.name, check->conn_to_host.name)) &&
1312 (!needle->bits.conn_to_port ||
1313 needle->conn_to_port == check->conn_to_port) &&
1314 strcasecompare(needle->host.name, check->host.name) &&
1315 needle->remote_port == check->remote_port) {
1316 /* The schemes match or the the protocol family is the same and the
1317 previous connection was TLS upgraded, and the hostname and host
1319 if(needle->handler->flags & PROTOPT_SSL) {
1320 /* This is a SSL connection so verify that we're using the same
1321 SSL options as well */
1322 if(!Curl_ssl_config_matches(&needle->ssl_config,
1323 &check->ssl_config)) {
1325 "Connection #%ld has different SSL parameters, "
1327 check->connection_id));
1330 if(check->ssl[FIRSTSOCKET].state != ssl_connection_complete) {
1331 foundPendingCandidate = TRUE;
1333 "Connection #%ld has not started SSL connect, "
1335 check->connection_id));
1343 /* The requested connection is using the same HTTP proxy in normal
1344 mode (no tunneling) */
1349 #if defined(USE_NTLM)
1350 /* If we are looking for an HTTP+NTLM connection, check if this is
1351 already authenticating with the right credentials. If not, keep
1352 looking so that we can reuse NTLM connections if
1353 possible. (Especially we must not reuse the same connection if
1354 partway through a handshake!) */
1356 if(strcmp(needle->user, check->user) ||
1357 strcmp(needle->passwd, check->passwd))
1360 else if(check->ntlm.state != NTLMSTATE_NONE) {
1361 /* Connection is using NTLM auth but we don't want NTLM */
1365 /* Same for Proxy NTLM authentication */
1366 if(wantProxyNTLMhttp) {
1367 /* Both check->http_proxy.user and check->http_proxy.passwd can be
1369 if(!check->http_proxy.user || !check->http_proxy.passwd)
1372 if(strcmp(needle->http_proxy.user, check->http_proxy.user) ||
1373 strcmp(needle->http_proxy.passwd, check->http_proxy.passwd))
1376 else if(check->proxyntlm.state != NTLMSTATE_NONE) {
1377 /* Proxy connection is using NTLM auth but we don't want NTLM */
1381 if(wantNTLMhttp || wantProxyNTLMhttp) {
1382 /* Credentials are already checked, we can use this connection */
1386 (check->ntlm.state != NTLMSTATE_NONE)) ||
1387 (wantProxyNTLMhttp &&
1388 (check->proxyntlm.state != NTLMSTATE_NONE))) {
1389 /* We must use this connection, no other */
1390 *force_reuse = TRUE;
1394 /* Continue look up for a better connection */
1399 /* We can pipeline if we want to. Let's continue looking for
1400 the optimal connection to use, i.e the shortest pipe that is not
1404 /* We have the optimal connection. Let's stop looking. */
1409 /* We can't use the connection if the pipe is full */
1410 if(max_pipe_len && (pipeLen >= max_pipe_len)) {
1411 infof(data, "Pipe is full, skip (%zu)\n", pipeLen);
1415 /* If multiplexed, make sure we don't go over concurrency limit */
1416 if(check->bits.multiplex) {
1417 /* Multiplexed connections can only be HTTP/2 for now */
1418 struct http_conn *httpc = &check->proto.httpc;
1419 if(pipeLen >= httpc->settings.max_concurrent_streams) {
1420 infof(data, "MAX_CONCURRENT_STREAMS reached, skip (%zu)\n",
1426 /* We can't use the connection if the pipe is penalized */
1427 if(Curl_pipeline_penalized(data, check)) {
1428 infof(data, "Penalized, skip\n");
1433 if(pipeLen < best_pipe_len) {
1434 /* This connection has a shorter pipe so far. We'll pick this
1435 and continue searching */
1437 best_pipe_len = pipeLen;
1442 /* When not pipelining (== multiplexed), we have a match here! */
1444 infof(data, "Multiplexed connection found!\n");
1449 /* We have found a connection. Let's stop searching. */
1458 /* mark it as used before releasing the lock */
1459 chosen->inuse = TRUE;
1460 Curl_conncache_unlock(needle);
1462 return TRUE; /* yes, we found one to use! */
1464 Curl_conncache_unlock(needle);
1466 if(foundPendingCandidate && data->set.pipewait) {
1468 "Found pending candidate for reuse and CURLOPT_PIPEWAIT is set\n");
1472 return FALSE; /* no matching connecting exists */
1475 /* after a TCP connection to the proxy has been verified, this function does
1476 the next magic step.
1478 Note: this function's sub-functions call failf()
1481 CURLcode Curl_connected_proxy(struct connectdata *conn, int sockindex)
1483 CURLcode result = CURLE_OK;
1485 if(conn->bits.socksproxy) {
1486 #ifndef CURL_DISABLE_PROXY
1487 /* for the secondary socket (FTP), use the "connect to host"
1488 * but ignore the "connect to port" (use the secondary port)
1490 const char * const host = conn->bits.httpproxy ?
1491 conn->http_proxy.host.name :
1492 conn->bits.conn_to_host ?
1493 conn->conn_to_host.name :
1494 sockindex == SECONDARYSOCKET ?
1495 conn->secondaryhostname : conn->host.name;
1496 const int port = conn->bits.httpproxy ? (int)conn->http_proxy.port :
1497 sockindex == SECONDARYSOCKET ? conn->secondary_port :
1498 conn->bits.conn_to_port ? conn->conn_to_port :
1500 conn->bits.socksproxy_connecting = TRUE;
1501 switch(conn->socks_proxy.proxytype) {
1502 case CURLPROXY_SOCKS5:
1503 case CURLPROXY_SOCKS5_HOSTNAME:
1504 result = Curl_SOCKS5(conn->socks_proxy.user, conn->socks_proxy.passwd,
1505 host, port, sockindex, conn);
1508 case CURLPROXY_SOCKS4:
1509 case CURLPROXY_SOCKS4A:
1510 result = Curl_SOCKS4(conn->socks_proxy.user, host, port, sockindex,
1515 failf(conn->data, "unknown proxytype option given");
1516 result = CURLE_COULDNT_CONNECT;
1517 } /* switch proxytype */
1518 conn->bits.socksproxy_connecting = FALSE;
1521 #endif /* CURL_DISABLE_PROXY */
1528 * verboseconnect() displays verbose information after a connect
1530 #ifndef CURL_DISABLE_VERBOSE_STRINGS
1531 void Curl_verboseconnect(struct connectdata *conn)
1533 if(conn->data->set.verbose)
1534 infof(conn->data, "Connected to %s (%s) port %ld (#%ld)\n",
1535 conn->bits.socksproxy ? conn->socks_proxy.host.dispname :
1536 conn->bits.httpproxy ? conn->http_proxy.host.dispname :
1537 conn->bits.conn_to_host ? conn->conn_to_host.dispname :
1538 conn->host.dispname,
1539 conn->ip_addr_str, conn->port, conn->connection_id);
1543 int Curl_protocol_getsock(struct connectdata *conn,
1544 curl_socket_t *socks,
1547 if(conn->handler->proto_getsock)
1548 return conn->handler->proto_getsock(conn, socks, numsocks);
1549 return GETSOCK_BLANK;
1552 int Curl_doing_getsock(struct connectdata *conn,
1553 curl_socket_t *socks,
1556 if(conn && conn->handler->doing_getsock)
1557 return conn->handler->doing_getsock(conn, socks, numsocks);
1558 return GETSOCK_BLANK;
1562 * We are doing protocol-specific connecting and this is being called over and
1563 * over from the multi interface until the connection phase is done on
1567 CURLcode Curl_protocol_connecting(struct connectdata *conn,
1570 CURLcode result = CURLE_OK;
1572 if(conn && conn->handler->connecting) {
1574 result = conn->handler->connecting(conn, done);
1583 * We are DOING this is being called over and over from the multi interface
1584 * until the DOING phase is done on protocol layer.
1587 CURLcode Curl_protocol_doing(struct connectdata *conn, bool *done)
1589 CURLcode result = CURLE_OK;
1591 if(conn && conn->handler->doing) {
1593 result = conn->handler->doing(conn, done);
1602 * We have discovered that the TCP connection has been successful, we can now
1603 * proceed with some action.
1606 CURLcode Curl_protocol_connect(struct connectdata *conn,
1607 bool *protocol_done)
1609 CURLcode result = CURLE_OK;
1611 *protocol_done = FALSE;
1613 if(conn->bits.tcpconnect[FIRSTSOCKET] && conn->bits.protoconnstart) {
1614 /* We already are connected, get back. This may happen when the connect
1615 worked fine in the first call, like when we connect to a local server
1616 or proxy. Note that we don't know if the protocol is actually done.
1618 Unless this protocol doesn't have any protocol-connect callback, as
1619 then we know we're done. */
1620 if(!conn->handler->connecting)
1621 *protocol_done = TRUE;
1626 if(!conn->bits.protoconnstart) {
1628 result = Curl_proxy_connect(conn, FIRSTSOCKET);
1632 if(CONNECT_FIRSTSOCKET_PROXY_SSL())
1633 /* wait for HTTPS proxy SSL initialization to complete */
1636 if(conn->bits.tunnel_proxy && conn->bits.httpproxy &&
1637 Curl_connect_ongoing(conn))
1638 /* when using an HTTP tunnel proxy, await complete tunnel establishment
1639 before proceeding further. Return CURLE_OK so we'll be called again */
1642 if(conn->handler->connect_it) {
1643 /* is there a protocol-specific connect() procedure? */
1645 /* Call the protocol-specific connect function */
1646 result = conn->handler->connect_it(conn, protocol_done);
1649 *protocol_done = TRUE;
1651 /* it has started, possibly even completed but that knowledge isn't stored
1654 conn->bits.protoconnstart = TRUE;
1657 return result; /* pass back status */
1661 * Helpers for IDNA conversions.
1663 static bool is_ASCII_name(const char *hostname)
1665 const unsigned char *ch = (const unsigned char *)hostname;
1675 * Perform any necessary IDN conversion of hostname
1677 static CURLcode fix_hostname(struct connectdata *conn, struct hostname *host)
1680 struct Curl_easy *data = conn->data;
1685 #elif defined(CURL_DISABLE_VERBOSE_STRINGS)
1689 /* set the name we use to display the host name */
1690 host->dispname = host->name;
1692 len = strlen(host->name);
1693 if(len && (host->name[len-1] == '.'))
1694 /* strip off a single trailing dot if present, primarily for SNI but
1695 there's no use for it */
1696 host->name[len-1] = 0;
1698 /* Check name for non-ASCII and convert hostname to ACE form if we can */
1699 if(!is_ASCII_name(host->name)) {
1701 if(idn2_check_version(IDN2_VERSION)) {
1702 char *ace_hostname = NULL;
1703 #if IDN2_VERSION_NUMBER >= 0x00140000
1704 /* IDN2_NFC_INPUT: Normalize input string using normalization form C.
1705 IDN2_NONTRANSITIONAL: Perform Unicode TR46 non-transitional
1707 int flags = IDN2_NFC_INPUT | IDN2_NONTRANSITIONAL;
1709 int flags = IDN2_NFC_INPUT;
1711 int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags);
1713 host->encalloc = (char *)ace_hostname;
1714 /* change the name pointer to point to the encoded hostname */
1715 host->name = host->encalloc;
1718 failf(data, "Failed to convert %s to ACE; %s\n", host->name,
1720 return CURLE_URL_MALFORMAT;
1723 #elif defined(USE_WIN32_IDN)
1724 char *ace_hostname = NULL;
1726 if(curl_win32_idn_to_ascii(host->name, &ace_hostname)) {
1727 host->encalloc = ace_hostname;
1728 /* change the name pointer to point to the encoded hostname */
1729 host->name = host->encalloc;
1732 failf(data, "Failed to convert %s to ACE;\n", host->name);
1733 return CURLE_URL_MALFORMAT;
1736 infof(data, "IDN support not present, can't parse Unicode domains\n");
1741 for(hostp = host->name; *hostp; hostp++) {
1743 failf(data, "Host name '%s' contains bad letter", host->name);
1744 return CURLE_URL_MALFORMAT;
1752 * Frees data allocated by fix_hostname()
1754 static void free_fixed_hostname(struct hostname *host)
1756 #if defined(USE_LIBIDN2)
1757 if(host->encalloc) {
1758 idn2_free(host->encalloc); /* must be freed with idn2_free() since this was
1759 allocated by libidn */
1760 host->encalloc = NULL;
1762 #elif defined(USE_WIN32_IDN)
1763 free(host->encalloc); /* must be freed with free() since this was
1764 allocated by curl_win32_idn_to_ascii */
1765 host->encalloc = NULL;
1771 static void llist_dtor(void *user, void *element)
1779 * Allocate and initialize a new connectdata object.
1781 static struct connectdata *allocate_conn(struct Curl_easy *data)
1783 struct connectdata *conn = calloc(1, sizeof(struct connectdata));
1788 /* The SSL backend-specific data (ssl_backend_data) objects are allocated as
1789 a separate array to ensure suitable alignment.
1790 Note that these backend pointers can be swapped by vtls (eg ssl backend
1791 data becomes proxy backend data). */
1793 size_t sslsize = Curl_ssl->sizeof_ssl_backend_data;
1794 char *ssl = calloc(4, sslsize);
1799 conn->ssl_extra = ssl;
1800 conn->ssl[0].backend = (void *)ssl;
1801 conn->ssl[1].backend = (void *)(ssl + sslsize);
1802 conn->proxy_ssl[0].backend = (void *)(ssl + 2 * sslsize);
1803 conn->proxy_ssl[1].backend = (void *)(ssl + 3 * sslsize);
1807 conn->handler = &Curl_handler_dummy; /* Be sure we have a handler defined
1808 already from start to avoid NULL
1809 situations and checks */
1811 /* and we setup a few fields in case we end up actually using this struct */
1813 conn->sock[FIRSTSOCKET] = CURL_SOCKET_BAD; /* no file descriptor */
1814 conn->sock[SECONDARYSOCKET] = CURL_SOCKET_BAD; /* no file descriptor */
1815 conn->tempsock[0] = CURL_SOCKET_BAD; /* no file descriptor */
1816 conn->tempsock[1] = CURL_SOCKET_BAD; /* no file descriptor */
1817 conn->connection_id = -1; /* no ID */
1818 conn->port = -1; /* unknown at this point */
1819 conn->remote_port = -1; /* unknown at this point */
1820 #if defined(USE_RECV_BEFORE_SEND_WORKAROUND) && defined(DEBUGBUILD)
1821 conn->postponed[0].bindsock = CURL_SOCKET_BAD; /* no file descriptor */
1822 conn->postponed[1].bindsock = CURL_SOCKET_BAD; /* no file descriptor */
1823 #endif /* USE_RECV_BEFORE_SEND_WORKAROUND && DEBUGBUILD */
1825 /* Default protocol-independent behavior doesn't support persistent
1826 connections, so we set this to force-close. Protocols that support
1827 this need to set this to FALSE in their "curl_do" functions. */
1828 connclose(conn, "Default to force-close");
1830 /* Store creation time to help future close decision making */
1831 conn->created = Curl_now();
1833 conn->data = data; /* Setup the association between this connection
1834 and the Curl_easy */
1836 conn->http_proxy.proxytype = data->set.proxytype;
1837 conn->socks_proxy.proxytype = CURLPROXY_SOCKS4;
1839 #ifdef CURL_DISABLE_PROXY
1841 conn->bits.proxy = FALSE;
1842 conn->bits.httpproxy = FALSE;
1843 conn->bits.socksproxy = FALSE;
1844 conn->bits.proxy_user_passwd = FALSE;
1845 conn->bits.tunnel_proxy = FALSE;
1847 #else /* CURL_DISABLE_PROXY */
1849 /* note that these two proxy bits are now just on what looks to be
1850 requested, they may be altered down the road */
1851 conn->bits.proxy = (data->set.str[STRING_PROXY] &&
1852 *data->set.str[STRING_PROXY]) ? TRUE : FALSE;
1853 conn->bits.httpproxy = (conn->bits.proxy &&
1854 (conn->http_proxy.proxytype == CURLPROXY_HTTP ||
1855 conn->http_proxy.proxytype == CURLPROXY_HTTP_1_0 ||
1856 conn->http_proxy.proxytype == CURLPROXY_HTTPS)) ?
1858 conn->bits.socksproxy = (conn->bits.proxy &&
1859 !conn->bits.httpproxy) ? TRUE : FALSE;
1861 if(data->set.str[STRING_PRE_PROXY] && *data->set.str[STRING_PRE_PROXY]) {
1862 conn->bits.proxy = TRUE;
1863 conn->bits.socksproxy = TRUE;
1866 conn->bits.proxy_user_passwd =
1867 (data->set.str[STRING_PROXYUSERNAME]) ? TRUE : FALSE;
1868 conn->bits.tunnel_proxy = data->set.tunnel_thru_httpproxy;
1870 #endif /* CURL_DISABLE_PROXY */
1872 conn->bits.user_passwd = (data->set.str[STRING_USERNAME]) ? TRUE : FALSE;
1873 conn->bits.ftp_use_epsv = data->set.ftp_use_epsv;
1874 conn->bits.ftp_use_eprt = data->set.ftp_use_eprt;
1876 conn->ssl_config.verifystatus = data->set.ssl.primary.verifystatus;
1877 conn->ssl_config.verifypeer = data->set.ssl.primary.verifypeer;
1878 conn->ssl_config.verifyhost = data->set.ssl.primary.verifyhost;
1879 conn->proxy_ssl_config.verifystatus =
1880 data->set.proxy_ssl.primary.verifystatus;
1881 conn->proxy_ssl_config.verifypeer = data->set.proxy_ssl.primary.verifypeer;
1882 conn->proxy_ssl_config.verifyhost = data->set.proxy_ssl.primary.verifyhost;
1884 conn->ip_version = data->set.ipver;
1886 #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \
1887 defined(NTLM_WB_ENABLED)
1888 conn->ntlm_auth_hlpr_socket = CURL_SOCKET_BAD;
1889 conn->ntlm_auth_hlpr_pid = 0;
1890 conn->challenge_header = NULL;
1891 conn->response_header = NULL;
1894 if(Curl_pipeline_wanted(data->multi, CURLPIPE_HTTP1) &&
1895 !conn->master_buffer) {
1896 /* Allocate master_buffer to be used for HTTP/1 pipelining */
1897 conn->master_buffer = calloc(MASTERBUF_SIZE, sizeof(char));
1898 if(!conn->master_buffer)
1902 /* Initialize the pipeline lists */
1903 Curl_llist_init(&conn->send_pipe, (curl_llist_dtor) llist_dtor);
1904 Curl_llist_init(&conn->recv_pipe, (curl_llist_dtor) llist_dtor);
1907 conn->data_prot = PROT_CLEAR;
1910 /* Store the local bind parameters that will be used for this connection */
1911 if(data->set.str[STRING_DEVICE]) {
1912 conn->localdev = strdup(data->set.str[STRING_DEVICE]);
1916 conn->localportrange = data->set.localportrange;
1917 conn->localport = data->set.localport;
1919 /* the close socket stuff needs to be copied to the connection struct as
1920 it may live on without (this specific) Curl_easy */
1921 conn->fclosesocket = data->set.fclosesocket;
1922 conn->closesocket_client = data->set.closesocket_client;
1927 Curl_llist_destroy(&conn->send_pipe, NULL);
1928 Curl_llist_destroy(&conn->recv_pipe, NULL);
1930 free(conn->master_buffer);
1931 free(conn->localdev);
1933 free(conn->ssl_extra);
1939 static CURLcode findprotocol(struct Curl_easy *data,
1940 struct connectdata *conn,
1941 const char *protostr)
1943 const struct Curl_handler * const *pp;
1944 const struct Curl_handler *p;
1946 /* Scan protocol handler table and match against 'protostr' to set a few
1947 variables based on the URL. Now that the handler may be changed later
1948 when the protocol specific setup function is called. */
1949 for(pp = protocols; (p = *pp) != NULL; pp++) {
1950 if(strcasecompare(p->scheme, protostr)) {
1951 /* Protocol found in table. Check if allowed */
1952 if(!(data->set.allowed_protocols & p->protocol))
1956 /* it is allowed for "normal" request, now do an extra check if this is
1957 the result of a redirect */
1958 if(data->state.this_is_a_follow &&
1959 !(data->set.redir_protocols & p->protocol))
1963 /* Perform setup complement if some. */
1964 conn->handler = conn->given = p;
1966 /* 'port' and 'remote_port' are set in setup_connection_internals() */
1972 /* The protocol was not found in the table, but we don't have to assign it
1973 to anything since it is already assigned to a dummy-struct in the
1974 create_conn() function when the connectdata struct is allocated. */
1975 failf(data, "Protocol \"%s\" not supported or disabled in " LIBCURL_NAME,
1978 return CURLE_UNSUPPORTED_PROTOCOL;
1982 * Parse URL and fill in the relevant members of the connection struct.
1984 static CURLcode parseurlandfillconn(struct Curl_easy *data,
1985 struct connectdata *conn,
1987 char **userp, char **passwdp,
1992 char *path = data->state.path;
1996 const char *protop = "";
1998 bool rebuild_url = FALSE;
1999 bool url_has_scheme = FALSE;
2002 *prot_missing = FALSE;
2004 /* We might pass the entire URL into the request so we need to make sure
2005 * there are no bad characters in there.*/
2006 if(strpbrk(data->change.url, "\r\n")) {
2007 failf(data, "Illegal characters found in URL");
2008 return CURLE_URL_MALFORMAT;
2011 /*************************************************************
2014 * We need to parse the url even when using the proxy, because we will need
2015 * the hostname and port in case we are trying to SSL connect through the
2016 * proxy -- and we don't know if we will need to use SSL until we parse the
2018 ************************************************************/
2019 if(data->change.url[0] == ':') {
2020 failf(data, "Bad URL, colon is first character");
2021 return CURLE_URL_MALFORMAT;
2024 /* MSDOS/Windows style drive prefix, eg c: in c:foo */
2025 #define STARTS_WITH_DRIVE_PREFIX(str) \
2026 ((('a' <= str[0] && str[0] <= 'z') || \
2027 ('A' <= str[0] && str[0] <= 'Z')) && \
2030 /* MSDOS/Windows style drive prefix, optionally with
2031 * a '|' instead of ':', followed by a slash or NUL */
2032 #define STARTS_WITH_URL_DRIVE_PREFIX(str) \
2033 ((('a' <= (str)[0] && (str)[0] <= 'z') || \
2034 ('A' <= (str)[0] && (str)[0] <= 'Z')) && \
2035 ((str)[1] == ':' || (str)[1] == '|') && \
2036 ((str)[2] == '/' || (str)[2] == '\\' || (str)[2] == 0))
2038 /* Don't mistake a drive letter for a scheme if the default protocol is file.
2039 curld --proto-default file c:/foo/bar.txt */
2040 if(STARTS_WITH_DRIVE_PREFIX(data->change.url) &&
2041 data->set.str[STRING_DEFAULT_PROTOCOL] &&
2042 strcasecompare(data->set.str[STRING_DEFAULT_PROTOCOL], "file")) {
2045 else { /* check for a scheme */
2046 for(i = 0; i < 16 && data->change.url[i]; ++i) {
2047 if(data->change.url[i] == '/')
2049 if(data->change.url[i] == ':') {
2050 url_has_scheme = TRUE;
2056 /* handle the file: scheme */
2057 if((url_has_scheme && strncasecompare(data->change.url, "file:", 5)) ||
2058 (!url_has_scheme && data->set.str[STRING_DEFAULT_PROTOCOL] &&
2059 strcasecompare(data->set.str[STRING_DEFAULT_PROTOCOL], "file"))) {
2061 rc = sscanf(data->change.url, "%*15[^\n/:]:%[^\n]", path);
2063 rc = sscanf(data->change.url, "%[^\n]", path);
2066 failf(data, "Bad URL");
2067 return CURLE_URL_MALFORMAT;
2070 if(url_has_scheme && path[0] == '/' && path[1] == '/' &&
2071 path[2] == '/' && path[3] == '/') {
2072 /* This appears to be a UNC string (usually indicating a SMB share).
2073 * We don't do SMB in file: URLs. (TODO?)
2075 failf(data, "SMB shares are not supported in file: URLs.");
2076 return CURLE_URL_MALFORMAT;
2079 /* Extra handling URLs with an authority component (i.e. that start with
2082 * We allow omitted hostname (e.g. file:/<path>) -- valid according to
2083 * RFC 8089, but not the (current) WHAT-WG URL spec.
2085 if(url_has_scheme && path[0] == '/' && path[1] == '/') {
2086 /* swallow the two slashes */
2087 char *ptr = &path[2];
2090 * According to RFC 8089, a file: URL can be reliably dereferenced if:
2092 * o it has no/blank hostname, or
2094 * o the hostname matches "localhost" (case-insensitively), or
2096 * o the hostname is a FQDN that resolves to this machine.
2098 * For brevity, we only consider URLs with empty, "localhost", or
2099 * "127.0.0.1" hostnames as local.
2101 * Additionally, there is an exception for URLs with a Windows drive
2102 * letter in the authority (which was accidentally omitted from RFC 8089
2103 * Appendix E, but believe me, it was meant to be there. --MK)
2105 if(ptr[0] != '/' && !STARTS_WITH_URL_DRIVE_PREFIX(ptr)) {
2106 /* the URL includes a host name, it must match "localhost" or
2107 "127.0.0.1" to be valid */
2108 if(!checkprefix("localhost/", ptr) &&
2109 !checkprefix("127.0.0.1/", ptr)) {
2110 failf(data, "Invalid file://hostname/, "
2111 "expected localhost or 127.0.0.1 or none");
2112 return CURLE_URL_MALFORMAT;
2114 ptr += 9; /* now points to the slash after the host */
2118 * RFC 8089, Appendix D, Section D.1, says:
2120 * > In a POSIX file system, the root of the file system is represented
2121 * > as a directory with a zero-length name, usually written as "/"; the
2122 * > presence of this root in a file URI can be taken as given by the
2123 * > initial slash in the "path-absolute" rule.
2125 * i.e. the first slash is part of the path.
2127 * However in RFC 1738 the "/" between the host (or port) and the
2128 * URL-path was NOT part of the URL-path. Any agent that followed the
2129 * older spec strictly, and wanted to refer to a file with an absolute
2130 * path, would have included a second slash. So if there are two
2131 * slashes, swallow one.
2133 if('/' == ptr[1]) /* note: the only way ptr[0]!='/' is if ptr[1]==':' */
2136 /* This cannot be done with strcpy, as the memory chunks overlap! */
2137 memmove(path, ptr, strlen(ptr) + 1);
2140 #if !defined(MSDOS) && !defined(WIN32) && !defined(__CYGWIN__)
2141 /* Don't allow Windows drive letters when not in Windows.
2142 * This catches both "file:/c:" and "file:c:" */
2143 if(('/' == path[0] && STARTS_WITH_URL_DRIVE_PREFIX(&path[1])) ||
2144 STARTS_WITH_URL_DRIVE_PREFIX(path)) {
2145 failf(data, "File drive letters are only accepted in MSDOS/Windows.");
2146 return CURLE_URL_MALFORMAT;
2149 /* If the path starts with a slash and a drive letter, ditch the slash */
2150 if('/' == path[0] && STARTS_WITH_URL_DRIVE_PREFIX(&path[1])) {
2151 /* This cannot be done with strcpy, as the memory chunks overlap! */
2152 memmove(path, &path[1], strlen(&path[1]) + 1);
2156 protop = "file"; /* protocol string */
2157 *prot_missing = !url_has_scheme;
2164 rc = sscanf(data->change.url,
2165 "%15[^\n/:]:%3[/]%[^\n/?#]%[^\n]",
2166 protobuf, slashbuf, conn->host.name, path);
2168 failf(data, "Bad URL");
2169 return CURLE_URL_MALFORMAT;
2174 * The URL was badly formatted, let's try the browser-style _without_
2175 * protocol specified like 'http://'.
2177 rc = sscanf(data->change.url, "%[^\n/?#]%[^\n]", conn->host.name, path);
2180 * We couldn't even get this format.
2181 * djgpp 2.04 has a sscanf() bug where 'conn->host.name' is
2182 * assigned, but the return value is EOF!
2184 #if defined(__DJGPP__) && (DJGPP_MINOR == 4)
2185 if(!(rc == -1 && *conn->host.name))
2188 failf(data, "<url> malformed");
2189 return CURLE_URL_MALFORMAT;
2194 * Since there was no protocol part specified in the URL use the
2195 * user-specified default protocol. If we weren't given a default make a
2196 * guess by matching some protocols against the host's outermost
2197 * sub-domain name. Finally if there was no match use HTTP.
2200 protop = data->set.str[STRING_DEFAULT_PROTOCOL];
2202 /* Note: if you add a new protocol, please update the list in
2203 * lib/version.c too! */
2204 if(checkprefix("FTP.", conn->host.name))
2206 else if(checkprefix("DICT.", conn->host.name))
2208 else if(checkprefix("LDAP.", conn->host.name))
2210 else if(checkprefix("IMAP.", conn->host.name))
2212 else if(checkprefix("SMTP.", conn->host.name))
2214 else if(checkprefix("POP3.", conn->host.name))
2220 *prot_missing = TRUE; /* not given in URL */
2223 size_t s = strlen(slashbuf);
2226 infof(data, "Unwillingly accepted illegal URL using %d slash%s!\n",
2229 if(data->change.url_alloc)
2230 free(data->change.url);
2231 /* repair the URL to use two slashes */
2232 data->change.url = aprintf("%s://%s%s",
2233 protobuf, conn->host.name, path);
2234 if(!data->change.url)
2235 return CURLE_OUT_OF_MEMORY;
2236 data->change.url_alloc = TRUE;
2241 /* We search for '?' in the host name (but only on the right side of a
2242 * @-letter to allow ?-letters in username and password) to handle things
2243 * like http://example.com?param= (notice the missing '/').
2245 at = strchr(conn->host.name, '@');
2247 query = strchr(at + 1, '?');
2249 query = strchr(conn->host.name, '?');
2252 /* We must insert a slash before the '?'-letter in the URL. If the URL had
2253 a slash after the '?', that is where the path currently begins and the
2254 '?string' is still part of the host name.
2256 We must move the trailing part from the host name and put it first in
2257 the path. And have it all prefixed with a slash.
2260 size_t hostlen = strlen(query);
2261 size_t pathlen = strlen(path);
2263 /* move the existing path plus the zero byte forward, to make room for
2264 the host-name part */
2265 memmove(path + hostlen + 1, path, pathlen + 1);
2267 /* now copy the trailing host part in front of the existing path */
2268 memcpy(path + 1, query, hostlen);
2270 path[0]='/'; /* prepend the missing slash */
2273 *query = 0; /* now cut off the hostname at the ? */
2276 /* if there's no path set, use a single slash */
2281 /* If the URL is malformatted (missing a '/' after hostname before path) we
2282 * insert a slash here. The only letters except '/' that can start a path is
2283 * '?' and '#' - as controlled by the two sscanf() patterns above.
2285 if(path[0] != '/') {
2286 /* We need this function to deal with overlapping memory areas. We know
2287 that the memory area 'path' points to is 'urllen' bytes big and that
2288 is bigger than the path. Use +1 to move the zero byte too. */
2289 memmove(&path[1], path, strlen(path) + 1);
2293 else if(!data->set.path_as_is) {
2294 /* sanitise paths and remove ../ and ./ sequences according to RFC3986 */
2295 char *newp = Curl_dedotdotify(path);
2297 return CURLE_OUT_OF_MEMORY;
2299 if(strcmp(newp, path)) {
2301 free(data->state.pathbuffer);
2302 data->state.pathbuffer = newp;
2303 data->state.path = newp;
2311 * "rebuild_url" means that one or more URL components have been modified so
2312 * we need to generate an updated full version. We need the corrected URL
2313 * when communicating over HTTP proxy and we don't know at this point if
2314 * we're using a proxy or not.
2319 size_t plen = strlen(path); /* new path, should be 1 byte longer than
2321 size_t prefixlen = strlen(conn->host.name);
2323 if(!*prot_missing) {
2324 size_t protolen = strlen(protop);
2326 if(curl_strnequal(protop, data->change.url, protolen))
2327 prefixlen += protolen;
2329 failf(data, "<url> malformed");
2330 return CURLE_URL_MALFORMAT;
2333 if(curl_strnequal("://", &data->change.url[protolen], 3))
2335 /* only file: is allowed to omit one or both slashes */
2336 else if(curl_strnequal("file:", data->change.url, 5))
2337 prefixlen += 1 + (data->change.url[5] == '/');
2339 failf(data, "<url> malformed");
2340 return CURLE_URL_MALFORMAT;
2344 reurl = malloc(prefixlen + plen + 1);
2346 return CURLE_OUT_OF_MEMORY;
2348 /* copy the prefix */
2349 memcpy(reurl, data->change.url, prefixlen);
2351 /* append the trailing piece + zerobyte */
2352 memcpy(&reurl[prefixlen], path, plen + 1);
2354 /* possible free the old one */
2355 if(data->change.url_alloc) {
2356 Curl_safefree(data->change.url);
2357 data->change.url_alloc = FALSE;
2360 infof(data, "Rebuilt URL to: %s\n", reurl);
2362 data->change.url = reurl;
2363 data->change.url_alloc = TRUE; /* free this later */
2366 result = findprotocol(data, conn, protop);
2371 * Parse the login details from the URL and strip them out of
2374 result = parse_url_login(data, conn, userp, passwdp, optionsp);
2378 if(conn->host.name[0] == '[') {
2379 /* This looks like an IPv6 address literal. See if there is an address
2380 scope if there is no location header */
2381 char *percent = strchr(conn->host.name, '%');
2383 unsigned int identifier_offset = 3;
2385 unsigned long scope;
2386 if(strncmp("%25", percent, 3) != 0) {
2388 "Please URL encode %% as %%25, see RFC 6874.\n");
2389 identifier_offset = 1;
2391 scope = strtoul(percent + identifier_offset, &endp, 10);
2393 /* The address scope was well formed. Knock it out of the
2395 memmove(percent, endp, strlen(endp) + 1);
2396 conn->scope_id = (unsigned int)scope;
2399 /* Zone identifier is not numeric */
2400 #if defined(HAVE_NET_IF_H) && defined(IFNAMSIZ) && defined(HAVE_IF_NAMETOINDEX)
2401 char ifname[IFNAMSIZ + 2];
2402 char *square_bracket;
2403 unsigned int scopeidx = 0;
2404 strncpy(ifname, percent + identifier_offset, IFNAMSIZ + 2);
2405 /* Ensure nullbyte termination */
2406 ifname[IFNAMSIZ + 1] = '\0';
2407 square_bracket = strchr(ifname, ']');
2408 if(square_bracket) {
2410 *square_bracket = '\0';
2411 scopeidx = if_nametoindex(ifname);
2413 infof(data, "Invalid network interface: %s; %s\n", ifname,
2418 char *p = percent + identifier_offset + strlen(ifname);
2420 /* Remove zone identifier from hostname */
2421 memmove(percent, p, strlen(p) + 1);
2422 conn->scope_id = scopeidx;
2425 #endif /* HAVE_NET_IF_H && IFNAMSIZ */
2426 infof(data, "Invalid IPv6 address format\n");
2431 if(data->set.scope_id)
2432 /* Override any scope that was set above. */
2433 conn->scope_id = data->set.scope_id;
2435 /* Remove the fragment part of the path. Per RFC 2396, this is always the
2436 last part of the URI. We are looking for the first '#' so that we deal
2437 gracefully with non conformant URI such as http://example.com#foo#bar. */
2438 fragment = strchr(path, '#');
2442 /* we know the path part ended with a fragment, so we know the full URL
2443 string does too and we need to cut it off from there so it isn't used
2445 fragment = strchr(data->change.url, '#');
2451 * So if the URL was A://B/C#D,
2453 * conn->host.name is B
2454 * data->state.path is /C
2460 * If we're doing a resumed transfer, we need to setup our stuff
2463 static CURLcode setup_range(struct Curl_easy *data)
2465 struct UrlState *s = &data->state;
2466 s->resume_from = data->set.set_resume_from;
2467 if(s->resume_from || data->set.str[STRING_SET_RANGE]) {
2468 if(s->rangestringalloc)
2472 s->range = aprintf("%" CURL_FORMAT_CURL_OFF_TU "-", s->resume_from);
2474 s->range = strdup(data->set.str[STRING_SET_RANGE]);
2476 s->rangestringalloc = (s->range) ? TRUE : FALSE;
2479 return CURLE_OUT_OF_MEMORY;
2481 /* tell ourselves to fetch this range */
2482 s->use_range = TRUE; /* enable range download */
2485 s->use_range = FALSE; /* disable range download */
2492 * setup_connection_internals() -
2494 * Setup connection internals specific to the requested protocol in the
2495 * Curl_easy. This is inited and setup before the connection is made but
2496 * is about the particular protocol that is to be used.
2498 * This MUST get called after proxy magic has been figured out.
2500 static CURLcode setup_connection_internals(struct connectdata *conn)
2502 const struct Curl_handler * p;
2504 struct Curl_easy *data = conn->data;
2506 /* in some case in the multi state-machine, we go back to the CONNECT state
2507 and then a second (or third or...) call to this function will be made
2508 without doing a DISCONNECT or DONE in between (since the connection is
2509 yet in place) and therefore this function needs to first make sure
2510 there's no lingering previous data allocated. */
2511 Curl_free_request_state(data);
2513 memset(&data->req, 0, sizeof(struct SingleRequest));
2514 data->req.maxdownload = -1;
2516 conn->socktype = SOCK_STREAM; /* most of them are TCP streams */
2518 /* Perform setup complement if some. */
2521 if(p->setup_connection) {
2522 result = (*p->setup_connection)(conn);
2527 p = conn->handler; /* May have changed. */
2531 /* we check for -1 here since if proxy was detected already, this
2532 was very likely already set to the proxy port */
2533 conn->port = p->defport;
2539 * Curl_free_request_state() should free temp data that was allocated in the
2540 * Curl_easy for this single request.
2543 void Curl_free_request_state(struct Curl_easy *data)
2545 Curl_safefree(data->req.protop);
2546 Curl_safefree(data->req.newurl);
2550 #ifndef CURL_DISABLE_PROXY
2551 /****************************************************************
2552 * Checks if the host is in the noproxy list. returns true if it matches
2553 * and therefore the proxy should NOT be used.
2554 ****************************************************************/
2555 static bool check_noproxy(const char *name, const char *no_proxy)
2557 /* no_proxy=domain1.dom,host.domain2.dom
2558 * (a comma-separated list of hosts which should
2559 * not be proxied, or an asterisk to override
2560 * all proxy variables)
2564 const char *separator = ", ";
2565 size_t no_proxy_len;
2569 if(no_proxy && no_proxy[0]) {
2570 if(strcasecompare("*", no_proxy)) {
2574 /* NO_PROXY was specified and it wasn't just an asterisk */
2576 no_proxy_len = strlen(no_proxy);
2577 if(name[0] == '[') {
2578 /* IPv6 numerical address */
2579 endptr = strchr(name, ']');
2585 endptr = strchr(name, ':');
2587 namelen = endptr - name;
2589 namelen = strlen(name);
2591 for(tok_start = 0; tok_start < no_proxy_len; tok_start = tok_end + 1) {
2592 while(tok_start < no_proxy_len &&
2593 strchr(separator, no_proxy[tok_start]) != NULL) {
2594 /* Look for the beginning of the token. */
2598 if(tok_start == no_proxy_len)
2599 break; /* It was all trailing separator chars, no more tokens. */
2601 for(tok_end = tok_start; tok_end < no_proxy_len &&
2602 strchr(separator, no_proxy[tok_end]) == NULL; ++tok_end)
2603 /* Look for the end of the token. */
2606 /* To match previous behaviour, where it was necessary to specify
2607 * ".local.com" to prevent matching "notlocal.com", we will leave
2610 if(no_proxy[tok_start] == '.')
2613 if((tok_end - tok_start) <= namelen) {
2614 /* Match the last part of the name to the domain we are checking. */
2615 const char *checkn = name + namelen - (tok_end - tok_start);
2616 if(strncasecompare(no_proxy + tok_start, checkn,
2617 tok_end - tok_start)) {
2618 if((tok_end - tok_start) == namelen || *(checkn - 1) == '.') {
2619 /* We either have an exact match, or the previous character is a .
2620 * so it is within the same domain, so no proxy for this host.
2625 } /* if((tok_end - tok_start) <= namelen) */
2626 } /* for(tok_start = 0; tok_start < no_proxy_len;
2627 tok_start = tok_end + 1) */
2628 } /* NO_PROXY was specified and it wasn't just an asterisk */
2633 #ifndef CURL_DISABLE_HTTP
2634 /****************************************************************
2635 * Detect what (if any) proxy to use. Remember that this selects a host
2636 * name and is not limited to HTTP proxies only.
2637 * The returned pointer must be freed by the caller (unless NULL)
2638 ****************************************************************/
2639 static char *detect_proxy(struct connectdata *conn)
2643 /* If proxy was not specified, we check for default proxy environment
2644 * variables, to enable i.e Lynx compliance:
2646 * http_proxy=http://some.server.dom:port/
2647 * https_proxy=http://some.server.dom:port/
2648 * ftp_proxy=http://some.server.dom:port/
2649 * no_proxy=domain1.dom,host.domain2.dom
2650 * (a comma-separated list of hosts which should
2651 * not be proxied, or an asterisk to override
2652 * all proxy variables)
2653 * all_proxy=http://some.server.dom:port/
2654 * (seems to exist for the CERN www lib. Probably
2655 * the first to check for.)
2657 * For compatibility, the all-uppercase versions of these variables are
2658 * checked if the lowercase versions don't exist.
2660 char proxy_env[128];
2661 const char *protop = conn->handler->scheme;
2662 char *envp = proxy_env;
2665 /* Now, build <protocol>_proxy and check for such a one to use */
2667 *envp++ = (char)tolower((int)*protop++);
2670 strcpy(envp, "_proxy");
2672 /* read the protocol proxy: */
2673 prox = curl_getenv(proxy_env);
2676 * We don't try the uppercase version of HTTP_PROXY because of
2679 * When curl is used in a webserver application
2680 * environment (cgi or php), this environment variable can
2681 * be controlled by the web server user by setting the
2682 * http header 'Proxy:' to some value.
2684 * This can cause 'internal' http/ftp requests to be
2685 * arbitrarily redirected by any external attacker.
2687 if(!prox && !strcasecompare("http_proxy", proxy_env)) {
2688 /* There was no lowercase variable, try the uppercase version: */
2689 Curl_strntoupper(proxy_env, proxy_env, sizeof(proxy_env));
2690 prox = curl_getenv(proxy_env);
2694 proxy = prox; /* use this */
2696 proxy = curl_getenv("all_proxy"); /* default proxy to use */
2698 proxy = curl_getenv("ALL_PROXY");
2703 #endif /* CURL_DISABLE_HTTP */
2706 * If this is supposed to use a proxy, we need to figure out the proxy
2707 * host name, so that we can re-use an existing connection
2708 * that may exist registered to the same proxy host.
2710 static CURLcode parse_proxy(struct Curl_easy *data,
2711 struct connectdata *conn, char *proxy,
2712 curl_proxytype proxytype)
2717 /* We use 'proxyptr' to point to the proxy name from now on... */
2722 char *proxyuser = NULL;
2723 char *proxypasswd = NULL;
2726 /* We do the proxy host string parsing here. We want the host name and the
2727 * port name. Accept a protocol:// prefix
2730 /* Parse the protocol part if present */
2731 endofprot = strstr(proxy, "://");
2733 proxyptr = endofprot + 3;
2734 if(checkprefix("https", proxy))
2735 proxytype = CURLPROXY_HTTPS;
2736 else if(checkprefix("socks5h", proxy))
2737 proxytype = CURLPROXY_SOCKS5_HOSTNAME;
2738 else if(checkprefix("socks5", proxy))
2739 proxytype = CURLPROXY_SOCKS5;
2740 else if(checkprefix("socks4a", proxy))
2741 proxytype = CURLPROXY_SOCKS4A;
2742 else if(checkprefix("socks4", proxy) || checkprefix("socks", proxy))
2743 proxytype = CURLPROXY_SOCKS4;
2744 else if(checkprefix("http:", proxy))
2745 ; /* leave it as HTTP or HTTP/1.0 */
2747 /* Any other xxx:// reject! */
2748 failf(data, "Unsupported proxy scheme for \'%s\'", proxy);
2749 return CURLE_COULDNT_CONNECT;
2753 proxyptr = proxy; /* No xxx:// head: It's a HTTP proxy */
2756 if(!Curl_ssl->support_https_proxy)
2758 if(proxytype == CURLPROXY_HTTPS) {
2759 failf(data, "Unsupported proxy \'%s\', libcurl is built without the "
2760 "HTTPS-proxy support.", proxy);
2761 return CURLE_NOT_BUILT_IN;
2764 sockstype = proxytype == CURLPROXY_SOCKS5_HOSTNAME ||
2765 proxytype == CURLPROXY_SOCKS5 ||
2766 proxytype == CURLPROXY_SOCKS4A ||
2767 proxytype == CURLPROXY_SOCKS4;
2769 /* Is there a username and password given in this proxy url? */
2770 atsign = strchr(proxyptr, '@');
2773 Curl_parse_login_details(proxyptr, atsign - proxyptr,
2774 &proxyuser, &proxypasswd, NULL);
2777 proxyptr = atsign + 1;
2780 /* start scanning for port number at this point */
2783 /* detect and extract RFC6874-style IPv6-addresses */
2784 if(*proxyptr == '[') {
2785 char *ptr = ++proxyptr; /* advance beyond the initial bracket */
2786 while(*ptr && (ISXDIGIT(*ptr) || (*ptr == ':') || (*ptr == '.')))
2789 /* There might be a zone identifier */
2790 if(strncmp("%25", ptr, 3))
2791 infof(data, "Please URL encode %% as %%25, see RFC 6874.\n");
2793 /* Allow unreserved characters as defined in RFC 3986 */
2794 while(*ptr && (ISALPHA(*ptr) || ISXDIGIT(*ptr) || (*ptr == '-') ||
2795 (*ptr == '.') || (*ptr == '_') || (*ptr == '~')))
2799 /* yeps, it ended nicely with a bracket as well */
2802 infof(data, "Invalid IPv6 address format\n");
2804 /* Note that if this didn't end with a bracket, we still advanced the
2805 * proxyptr first, but I can't see anything wrong with that as no host
2806 * name nor a numeric can legally start with a bracket.
2810 /* Get port number off proxy.server.com:1080 */
2811 prox_portno = strchr(portptr, ':');
2815 *prox_portno = 0x0; /* cut off number from host name */
2817 /* now set the local port number */
2818 port = strtol(prox_portno, &endp, 10);
2819 if((endp && *endp && (*endp != '/') && (*endp != ' ')) ||
2820 (port < 0) || (port > 65535)) {
2821 /* meant to detect for example invalid IPv6 numerical addresses without
2822 brackets: "2a00:fac0:a000::7:13". Accept a trailing slash only
2823 because we then allow "URL style" with the number followed by a
2824 slash, used in curl test cases already. Space is also an acceptable
2825 terminating symbol. */
2826 infof(data, "No valid port number in proxy string (%s)\n",
2833 if(proxyptr[0]=='/') {
2834 /* If the first character in the proxy string is a slash, fail
2835 immediately. The following code will otherwise clear the string which
2836 will lead to code running as if no proxy was set! */
2837 Curl_safefree(proxyuser);
2838 Curl_safefree(proxypasswd);
2839 return CURLE_COULDNT_RESOLVE_PROXY;
2842 /* without a port number after the host name, some people seem to use
2843 a slash so we strip everything from the first slash */
2844 atsign = strchr(proxyptr, '/');
2846 *atsign = '\0'; /* cut off path part from host name */
2848 if(data->set.proxyport)
2849 /* None given in the proxy string, then get the default one if it is
2851 port = data->set.proxyport;
2853 if(proxytype == CURLPROXY_HTTPS)
2854 port = CURL_DEFAULT_HTTPS_PROXY_PORT;
2856 port = CURL_DEFAULT_PROXY_PORT;
2861 struct proxy_info *proxyinfo =
2862 sockstype ? &conn->socks_proxy : &conn->http_proxy;
2863 proxyinfo->proxytype = proxytype;
2866 /* found user and password, rip them out. note that we are unescaping
2867 them, as there is otherwise no way to have a username or password
2868 with reserved characters like ':' in them. */
2869 Curl_safefree(proxyinfo->user);
2870 proxyinfo->user = curl_easy_unescape(data, proxyuser, 0, NULL);
2871 Curl_safefree(proxyuser);
2873 if(!proxyinfo->user) {
2874 Curl_safefree(proxypasswd);
2875 return CURLE_OUT_OF_MEMORY;
2878 Curl_safefree(proxyinfo->passwd);
2879 if(proxypasswd && strlen(proxypasswd) < MAX_CURL_PASSWORD_LENGTH)
2880 proxyinfo->passwd = curl_easy_unescape(data, proxypasswd, 0, NULL);
2882 proxyinfo->passwd = strdup("");
2883 Curl_safefree(proxypasswd);
2885 if(!proxyinfo->passwd)
2886 return CURLE_OUT_OF_MEMORY;
2888 conn->bits.proxy_user_passwd = TRUE; /* enable it */
2892 proxyinfo->port = port;
2893 if(conn->port < 0 || sockstype || !conn->socks_proxy.host.rawalloc)
2897 /* now, clone the cleaned proxy host name */
2898 Curl_safefree(proxyinfo->host.rawalloc);
2899 proxyinfo->host.rawalloc = strdup(proxyptr);
2900 proxyinfo->host.name = proxyinfo->host.rawalloc;
2902 if(!proxyinfo->host.rawalloc)
2903 return CURLE_OUT_OF_MEMORY;
2906 Curl_safefree(proxyuser);
2907 Curl_safefree(proxypasswd);
2913 * Extract the user and password from the authentication string
2915 static CURLcode parse_proxy_auth(struct Curl_easy *data,
2916 struct connectdata *conn)
2918 char proxyuser[MAX_CURL_USER_LENGTH]="";
2919 char proxypasswd[MAX_CURL_PASSWORD_LENGTH]="";
2922 if(data->set.str[STRING_PROXYUSERNAME] != NULL) {
2923 strncpy(proxyuser, data->set.str[STRING_PROXYUSERNAME],
2924 MAX_CURL_USER_LENGTH);
2925 proxyuser[MAX_CURL_USER_LENGTH-1] = '\0'; /*To be on safe side*/
2927 if(data->set.str[STRING_PROXYPASSWORD] != NULL) {
2928 strncpy(proxypasswd, data->set.str[STRING_PROXYPASSWORD],
2929 MAX_CURL_PASSWORD_LENGTH);
2930 proxypasswd[MAX_CURL_PASSWORD_LENGTH-1] = '\0'; /*To be on safe side*/
2933 result = Curl_urldecode(data, proxyuser, 0, &conn->http_proxy.user, NULL,
2936 result = Curl_urldecode(data, proxypasswd, 0, &conn->http_proxy.passwd,
2941 /* create_conn helper to parse and init proxy values. to be called after unix
2942 socket init but before any proxy vars are evaluated. */
2943 static CURLcode create_conn_helper_init_proxy(struct connectdata *conn)
2946 char *socksproxy = NULL;
2947 char *no_proxy = NULL;
2948 CURLcode result = CURLE_OK;
2949 struct Curl_easy *data = conn->data;
2951 /*************************************************************
2952 * Extract the user and password from the authentication string
2953 *************************************************************/
2954 if(conn->bits.proxy_user_passwd) {
2955 result = parse_proxy_auth(data, conn);
2960 /*************************************************************
2961 * Detect what (if any) proxy to use
2962 *************************************************************/
2963 if(data->set.str[STRING_PROXY]) {
2964 proxy = strdup(data->set.str[STRING_PROXY]);
2965 /* if global proxy is set, this is it */
2967 failf(data, "memory shortage");
2968 result = CURLE_OUT_OF_MEMORY;
2973 if(data->set.str[STRING_PRE_PROXY]) {
2974 socksproxy = strdup(data->set.str[STRING_PRE_PROXY]);
2975 /* if global socks proxy is set, this is it */
2976 if(NULL == socksproxy) {
2977 failf(data, "memory shortage");
2978 result = CURLE_OUT_OF_MEMORY;
2983 if(!data->set.str[STRING_NOPROXY]) {
2984 no_proxy = curl_getenv("no_proxy");
2986 no_proxy = curl_getenv("NO_PROXY");
2989 if(check_noproxy(conn->host.name, data->set.str[STRING_NOPROXY] ?
2990 data->set.str[STRING_NOPROXY] : no_proxy)) {
2991 Curl_safefree(proxy);
2992 Curl_safefree(socksproxy);
2994 #ifndef CURL_DISABLE_HTTP
2995 else if(!proxy && !socksproxy)
2996 /* if the host is not in the noproxy list, detect proxy. */
2997 proxy = detect_proxy(conn);
2998 #endif /* CURL_DISABLE_HTTP */
3000 Curl_safefree(no_proxy);
3002 #ifdef USE_UNIX_SOCKETS
3003 /* For the time being do not mix proxy and unix domain sockets. See #1274 */
3004 if(proxy && conn->unix_domain_socket) {
3010 if(proxy && (!*proxy || (conn->handler->flags & PROTOPT_NONETWORK))) {
3011 free(proxy); /* Don't bother with an empty proxy string or if the
3012 protocol doesn't work with network */
3015 if(socksproxy && (!*socksproxy ||
3016 (conn->handler->flags & PROTOPT_NONETWORK))) {
3017 free(socksproxy); /* Don't bother with an empty socks proxy string or if
3018 the protocol doesn't work with network */
3022 /***********************************************************************
3023 * If this is supposed to use a proxy, we need to figure out the proxy host
3024 * name, proxy type and port number, so that we can re-use an existing
3025 * connection that may exist registered to the same proxy host.
3026 ***********************************************************************/
3027 if(proxy || socksproxy) {
3029 result = parse_proxy(data, conn, proxy, conn->http_proxy.proxytype);
3030 Curl_safefree(proxy); /* parse_proxy copies the proxy string */
3036 result = parse_proxy(data, conn, socksproxy,
3037 conn->socks_proxy.proxytype);
3038 /* parse_proxy copies the socks proxy string */
3039 Curl_safefree(socksproxy);
3044 if(conn->http_proxy.host.rawalloc) {
3045 #ifdef CURL_DISABLE_HTTP
3046 /* asking for a HTTP proxy is a bit funny when HTTP is disabled... */
3047 result = CURLE_UNSUPPORTED_PROTOCOL;
3050 /* force this connection's protocol to become HTTP if compatible */
3051 if(!(conn->handler->protocol & PROTO_FAMILY_HTTP)) {
3052 if((conn->handler->flags & PROTOPT_PROXY_AS_HTTP) &&
3053 !conn->bits.tunnel_proxy)
3054 conn->handler = &Curl_handler_http;
3056 /* if not converting to HTTP over the proxy, enforce tunneling */
3057 conn->bits.tunnel_proxy = TRUE;
3059 conn->bits.httpproxy = TRUE;
3063 conn->bits.httpproxy = FALSE; /* not a HTTP proxy */
3064 conn->bits.tunnel_proxy = FALSE; /* no tunneling if not HTTP */
3067 if(conn->socks_proxy.host.rawalloc) {
3068 if(!conn->http_proxy.host.rawalloc) {
3069 /* once a socks proxy */
3070 if(!conn->socks_proxy.user) {
3071 conn->socks_proxy.user = conn->http_proxy.user;
3072 conn->http_proxy.user = NULL;
3073 Curl_safefree(conn->socks_proxy.passwd);
3074 conn->socks_proxy.passwd = conn->http_proxy.passwd;
3075 conn->http_proxy.passwd = NULL;
3078 conn->bits.socksproxy = TRUE;
3081 conn->bits.socksproxy = FALSE; /* not a socks proxy */
3084 conn->bits.socksproxy = FALSE;
3085 conn->bits.httpproxy = FALSE;
3087 conn->bits.proxy = conn->bits.httpproxy || conn->bits.socksproxy;
3089 if(!conn->bits.proxy) {
3090 /* we aren't using the proxy after all... */
3091 conn->bits.proxy = FALSE;
3092 conn->bits.httpproxy = FALSE;
3093 conn->bits.socksproxy = FALSE;
3094 conn->bits.proxy_user_passwd = FALSE;
3095 conn->bits.tunnel_proxy = FALSE;
3104 #endif /* CURL_DISABLE_PROXY */
3109 * Parse the login details (user name, password and options) from the URL and
3110 * strip them out of the host name
3112 * Inputs: data->set.use_netrc (CURLOPT_NETRC)
3115 * Outputs: (almost :- all currently undefined)
3116 * conn->bits.user_passwd - non-zero if non-default passwords exist
3117 * user - non-zero length if defined
3118 * passwd - non-zero length if defined
3119 * options - non-zero length if defined
3120 * conn->host.name - remove user name and password
3122 static CURLcode parse_url_login(struct Curl_easy *data,
3123 struct connectdata *conn,
3124 char **user, char **passwd, char **options)
3126 CURLcode result = CURLE_OK;
3128 char *passwdp = NULL;
3129 char *optionsp = NULL;
3131 /* At this point, we're hoping all the other special cases have
3132 * been taken care of, so conn->host.name is at most
3133 * [user[:password][;options]]@]hostname
3135 * We need somewhere to put the embedded details, so do that first.
3138 char *ptr = strchr(conn->host.name, '@');
3139 char *login = conn->host.name;
3141 DEBUGASSERT(!**user);
3142 DEBUGASSERT(!**passwd);
3143 DEBUGASSERT(!**options);
3144 DEBUGASSERT(conn->handler);
3149 /* We will now try to extract the
3150 * possible login information in a string like:
3151 * ftp://user:password@ftp.my.site:8021/README */
3152 conn->host.name = ++ptr;
3154 /* So the hostname is sane. Only bother interpreting the
3155 * results if we could care. It could still be wasted
3156 * work because it might be overtaken by the programmatically
3157 * set user/passwd, but doing that first adds more cases here :-(
3160 if(data->set.use_netrc == CURL_NETRC_REQUIRED)
3163 /* We could use the login information in the URL so extract it. Only parse
3164 options if the handler says we should. */
3166 Curl_parse_login_details(login, ptr - login - 1,
3168 (conn->handler->flags & PROTOPT_URLOPTIONS)?
3176 /* We have a user in the URL */
3177 conn->bits.userpwd_in_url = TRUE;
3178 conn->bits.user_passwd = TRUE; /* enable user+password */
3180 /* Decode the user */
3181 result = Curl_urldecode(data, userp, 0, &newname, NULL, FALSE);
3191 /* We have a password in the URL so decode it */
3193 result = Curl_urldecode(data, passwdp, 0, &newpasswd, NULL, FALSE);
3199 *passwd = newpasswd;
3203 /* We have an options list in the URL so decode it */
3205 result = Curl_urldecode(data, optionsp, 0, &newoptions, NULL, FALSE);
3211 *options = newoptions;
3225 * Curl_parse_login_details()
3227 * This is used to parse a login string for user name, password and options in
3228 * the following formats:
3232 * user:password;options
3234 * user;options:password
3242 * login [in] - The login string.
3243 * len [in] - The length of the login string.
3244 * userp [in/out] - The address where a pointer to newly allocated memory
3245 * holding the user will be stored upon completion.
3246 * passdwp [in/out] - The address where a pointer to newly allocated memory
3247 * holding the password will be stored upon completion.
3248 * optionsp [in/out] - The address where a pointer to newly allocated memory
3249 * holding the options will be stored upon completion.
3251 * Returns CURLE_OK on success.
3253 CURLcode Curl_parse_login_details(const char *login, const size_t len,
3254 char **userp, char **passwdp,
3257 CURLcode result = CURLE_OK;
3261 const char *psep = NULL;
3262 const char *osep = NULL;
3267 /* Attempt to find the password separator */
3269 psep = strchr(login, ':');
3271 /* Within the constraint of the login string */
3272 if(psep >= login + len)
3276 /* Attempt to find the options separator */
3278 osep = strchr(login, ';');
3280 /* Within the constraint of the login string */
3281 if(osep >= login + len)
3285 /* Calculate the portion lengths */
3287 (size_t)(osep && psep > osep ? osep - login : psep - login) :
3288 (osep ? (size_t)(osep - login) : len));
3290 (osep && osep > psep ? (size_t)(osep - psep) :
3291 (size_t)(login + len - psep)) - 1 : 0);
3293 (psep && psep > osep ? (size_t)(psep - osep) :
3294 (size_t)(login + len - osep)) - 1 : 0);
3296 /* Allocate the user portion buffer */
3298 ubuf = malloc(ulen + 1);
3300 result = CURLE_OUT_OF_MEMORY;
3303 /* Allocate the password portion buffer */
3304 if(!result && passwdp && plen) {
3305 pbuf = malloc(plen + 1);
3308 result = CURLE_OUT_OF_MEMORY;
3312 /* Allocate the options portion buffer */
3313 if(!result && optionsp && olen) {
3314 obuf = malloc(olen + 1);
3318 result = CURLE_OUT_OF_MEMORY;
3323 /* Store the user portion if necessary */
3325 memcpy(ubuf, login, ulen);
3327 Curl_safefree(*userp);
3331 /* Store the password portion if necessary */
3333 memcpy(pbuf, psep + 1, plen);
3335 Curl_safefree(*passwdp);
3339 /* Store the options portion if necessary */
3341 memcpy(obuf, osep + 1, olen);
3343 Curl_safefree(*optionsp);
3351 /*************************************************************
3352 * Figure out the remote port number and fix it in the URL
3354 * No matter if we use a proxy or not, we have to figure out the remote
3355 * port number of various reasons.
3357 * To be able to detect port number flawlessly, we must not confuse them
3358 * IPv6-specified addresses in the [0::1] style. (RFC2732)
3360 * The conn->host.name is currently [user:passwd@]host[:port] where host
3361 * could be a hostname, IPv4 address or IPv6 address.
3363 * The port number embedded in the URL is replaced, if necessary.
3364 *************************************************************/
3365 static CURLcode parse_remote_port(struct Curl_easy *data,
3366 struct connectdata *conn)
3371 /* Note that at this point, the IPv6 address cannot contain any scope
3372 suffix as that has already been removed in the parseurlandfillconn()
3374 if((1 == sscanf(conn->host.name, "[%*45[0123456789abcdefABCDEF:.]%c",
3376 (']' == endbracket)) {
3377 /* this is a RFC2732-style specified IP-address */
3378 conn->bits.ipv6_ip = TRUE;
3380 conn->host.name++; /* skip over the starting bracket */
3381 portptr = strchr(conn->host.name, ']');
3383 *portptr++ = '\0'; /* zero terminate, killing the bracket */
3385 if (*portptr != ':') {
3386 failf(data, "IPv6 closing bracket followed by '%c'", *portptr);
3387 return CURLE_URL_MALFORMAT;
3391 portptr = NULL; /* no port number available */
3396 struct in6_addr in6;
3397 if(Curl_inet_pton(AF_INET6, conn->host.name, &in6) > 0) {
3398 /* This is a numerical IPv6 address, meaning this is a wrongly formatted
3400 failf(data, "IPv6 numerical address used in URL without brackets");
3401 return CURLE_URL_MALFORMAT;
3405 portptr = strchr(conn->host.name, ':');
3408 if(data->set.use_port && data->state.allow_port) {
3409 /* if set, we use this and ignore the port possibly given in the URL */
3410 conn->remote_port = (unsigned short)data->set.use_port;
3412 *portptr = '\0'; /* cut off the name there anyway - if there was a port
3413 number - since the port number is to be ignored! */
3414 if(conn->bits.httpproxy) {
3415 /* we need to create new URL with the new port number */
3419 if(conn->bits.type_set)
3420 snprintf(type, sizeof(type), ";type=%c",
3421 data->set.prefer_ascii?'A':
3422 (data->set.ftp_list_only?'D':'I'));
3425 * This synthesized URL isn't always right--suffixes like ;type=A are
3426 * stripped off. It would be better to work directly from the original
3427 * URL and simply replace the port part of it.
3429 url = aprintf("%s://%s%s%s:%hu%s%s%s", conn->given->scheme,
3430 conn->bits.ipv6_ip?"[":"", conn->host.name,
3431 conn->bits.ipv6_ip?"]":"", conn->remote_port,
3432 data->state.slash_removed?"/":"", data->state.path,
3435 return CURLE_OUT_OF_MEMORY;
3437 if(data->change.url_alloc) {
3438 Curl_safefree(data->change.url);
3439 data->change.url_alloc = FALSE;
3442 data->change.url = url;
3443 data->change.url_alloc = TRUE;
3447 /* no CURLOPT_PORT given, extract the one from the URL */
3452 port = strtol(portptr + 1, &rest, 10); /* Port number must be decimal */
3454 if((port < 0) || (port > 0xffff)) {
3455 /* Single unix standard says port numbers are 16 bits long */
3456 failf(data, "Port number out of range");
3457 return CURLE_URL_MALFORMAT;
3461 failf(data, "Port number ended with '%c'", rest[0]);
3462 return CURLE_URL_MALFORMAT;
3465 if(rest != &portptr[1]) {
3466 *portptr = '\0'; /* cut off the name there */
3467 conn->remote_port = curlx_ultous(port);
3470 /* Browser behavior adaptation. If there's a colon with no digits after,
3471 just cut off the name there which makes us ignore the colon and just
3472 use the default port. Firefox and Chrome both do that. */
3477 /* only if remote_port was not already parsed off the URL we use the
3478 default port number */
3479 if(conn->remote_port < 0)
3480 conn->remote_port = (unsigned short)conn->given->defport;
3486 * Override the login details from the URL with that in the CURLOPT_USERPWD
3487 * option or a .netrc file, if applicable.
3489 static CURLcode override_login(struct Curl_easy *data,
3490 struct connectdata *conn,
3491 char **userp, char **passwdp, char **optionsp)
3493 if(data->set.str[STRING_USERNAME]) {
3495 *userp = strdup(data->set.str[STRING_USERNAME]);
3497 return CURLE_OUT_OF_MEMORY;
3500 if(data->set.str[STRING_PASSWORD]) {
3502 *passwdp = strdup(data->set.str[STRING_PASSWORD]);
3504 return CURLE_OUT_OF_MEMORY;
3507 if(data->set.str[STRING_OPTIONS]) {
3509 *optionsp = strdup(data->set.str[STRING_OPTIONS]);
3511 return CURLE_OUT_OF_MEMORY;
3514 conn->bits.netrc = FALSE;
3515 if(data->set.use_netrc != CURL_NETRC_IGNORED) {
3516 int ret = Curl_parsenetrc(conn->host.name,
3518 data->set.str[STRING_NETRC_FILE]);
3520 infof(data, "Couldn't find host %s in the "
3521 DOT_CHAR "netrc file; using defaults\n",
3525 return CURLE_OUT_OF_MEMORY;
3528 /* set bits.netrc TRUE to remember that we got the name from a .netrc
3529 file, so that it is safe to use even if we followed a Location: to a
3530 different host or similar. */
3531 conn->bits.netrc = TRUE;
3533 conn->bits.user_passwd = TRUE; /* enable user+password */
3541 * Set the login details so they're available in the connection
3543 static CURLcode set_login(struct connectdata *conn,
3544 const char *user, const char *passwd,
3545 const char *options)
3547 CURLcode result = CURLE_OK;
3549 /* If our protocol needs a password and we have none, use the defaults */
3550 if((conn->handler->flags & PROTOPT_NEEDSPWD) && !conn->bits.user_passwd) {
3551 /* Store the default user */
3552 conn->user = strdup(CURL_DEFAULT_USER);
3554 /* Store the default password */
3556 conn->passwd = strdup(CURL_DEFAULT_PASSWORD);
3558 conn->passwd = NULL;
3560 /* This is the default password, so DON'T set conn->bits.user_passwd */
3563 /* Store the user, zero-length if not set */
3564 conn->user = strdup(user);
3566 /* Store the password (only if user is present), zero-length if not set */
3568 conn->passwd = strdup(passwd);
3570 conn->passwd = NULL;
3573 if(!conn->user || !conn->passwd)
3574 result = CURLE_OUT_OF_MEMORY;
3576 /* Store the options, null if not set */
3577 if(!result && options[0]) {
3578 conn->options = strdup(options);
3581 result = CURLE_OUT_OF_MEMORY;
3588 * Parses a "host:port" string to connect to.
3589 * The hostname and the port may be empty; in this case, NULL is returned for
3590 * the hostname and -1 for the port.
3592 static CURLcode parse_connect_to_host_port(struct Curl_easy *data,
3594 char **hostname_result,
3603 #if defined(CURL_DISABLE_VERBOSE_STRINGS)
3607 *hostname_result = NULL;
3613 host_dup = strdup(host);
3615 return CURLE_OUT_OF_MEMORY;
3619 /* start scanning for port number at this point */
3622 /* detect and extract RFC6874-style IPv6-addresses */
3623 if(*hostptr == '[') {
3625 char *ptr = ++hostptr; /* advance beyond the initial bracket */
3626 while(*ptr && (ISXDIGIT(*ptr) || (*ptr == ':') || (*ptr == '.')))
3629 /* There might be a zone identifier */
3630 if(strncmp("%25", ptr, 3))
3631 infof(data, "Please URL encode %% as %%25, see RFC 6874.\n");
3633 /* Allow unreserved characters as defined in RFC 3986 */
3634 while(*ptr && (ISALPHA(*ptr) || ISXDIGIT(*ptr) || (*ptr == '-') ||
3635 (*ptr == '.') || (*ptr == '_') || (*ptr == '~')))
3639 /* yeps, it ended nicely with a bracket as well */
3642 infof(data, "Invalid IPv6 address format\n");
3644 /* Note that if this didn't end with a bracket, we still advanced the
3645 * hostptr first, but I can't see anything wrong with that as no host
3646 * name nor a numeric can legally start with a bracket.
3649 failf(data, "Use of IPv6 in *_CONNECT_TO without IPv6 support built-in!");
3651 return CURLE_NOT_BUILT_IN;
3655 /* Get port number off server.com:1080 */
3656 host_portno = strchr(portptr, ':');
3659 *host_portno = '\0'; /* cut off number from host name */
3662 long portparse = strtol(host_portno, &endp, 10);
3663 if((endp && *endp) || (portparse < 0) || (portparse > 65535)) {
3664 infof(data, "No valid port number in connect to host string (%s)\n",
3670 port = (int)portparse; /* we know it will fit */
3674 /* now, clone the cleaned host name */
3676 *hostname_result = strdup(hostptr);
3677 if(!*hostname_result) {
3679 return CURLE_OUT_OF_MEMORY;
3683 *port_result = port;
3690 * Parses one "connect to" string in the form:
3691 * "HOST:PORT:CONNECT-TO-HOST:CONNECT-TO-PORT".
3693 static CURLcode parse_connect_to_string(struct Curl_easy *data,
3694 struct connectdata *conn,
3695 const char *conn_to_host,
3699 CURLcode result = CURLE_OK;
3700 const char *ptr = conn_to_host;
3701 int host_match = FALSE;
3702 int port_match = FALSE;
3704 *host_result = NULL;
3708 /* an empty hostname always matches */
3713 /* check whether the URL's hostname matches */
3714 size_t hostname_to_match_len;
3715 char *hostname_to_match = aprintf("%s%s%s",
3716 conn->bits.ipv6_ip ? "[" : "",
3718 conn->bits.ipv6_ip ? "]" : "");
3719 if(!hostname_to_match)
3720 return CURLE_OUT_OF_MEMORY;
3721 hostname_to_match_len = strlen(hostname_to_match);
3722 host_match = strncasecompare(ptr, hostname_to_match,
3723 hostname_to_match_len);
3724 free(hostname_to_match);
3725 ptr += hostname_to_match_len;
3727 host_match = host_match && *ptr == ':';
3733 /* an empty port always matches */
3738 /* check whether the URL's port matches */
3739 char *ptr_next = strchr(ptr, ':');
3742 long port_to_match = strtol(ptr, &endp, 10);
3743 if((endp == ptr_next) && (port_to_match == conn->remote_port)) {
3751 if(host_match && port_match) {
3752 /* parse the hostname and port to connect to */
3753 result = parse_connect_to_host_port(data, ptr, host_result, port_result);
3760 * Processes all strings in the "connect to" slist, and uses the "connect
3761 * to host" and "connect to port" of the first string that matches.
3763 static CURLcode parse_connect_to_slist(struct Curl_easy *data,
3764 struct connectdata *conn,
3765 struct curl_slist *conn_to_host)
3767 CURLcode result = CURLE_OK;
3771 while(conn_to_host && !host && port == -1) {
3772 result = parse_connect_to_string(data, conn, conn_to_host->data,
3778 conn->conn_to_host.rawalloc = host;
3779 conn->conn_to_host.name = host;
3780 conn->bits.conn_to_host = TRUE;
3782 infof(data, "Connecting to hostname: %s\n", host);
3785 /* no "connect to host" */
3786 conn->bits.conn_to_host = FALSE;
3787 Curl_safefree(host);
3791 conn->conn_to_port = port;
3792 conn->bits.conn_to_port = TRUE;
3793 infof(data, "Connecting to port: %d\n", port);
3796 /* no "connect to port" */
3797 conn->bits.conn_to_port = FALSE;
3801 conn_to_host = conn_to_host->next;
3807 /*************************************************************
3808 * Resolve the address of the server or proxy
3809 *************************************************************/
3810 static CURLcode resolve_server(struct Curl_easy *data,
3811 struct connectdata *conn,
3814 CURLcode result = CURLE_OK;
3815 timediff_t timeout_ms = Curl_timeleft(data, NULL, TRUE);
3817 /*************************************************************
3818 * Resolve the name of the server or proxy
3819 *************************************************************/
3820 if(conn->bits.reuse)
3821 /* We're reusing the connection - no need to resolve anything, and
3822 fix_hostname() was called already in create_conn() for the re-use
3827 /* this is a fresh connect */
3829 struct Curl_dns_entry *hostaddr;
3831 #ifdef USE_UNIX_SOCKETS
3832 if(conn->unix_domain_socket) {
3833 /* Unix domain sockets are local. The host gets ignored, just use the
3834 * specified domain socket address. Do not cache "DNS entries". There is
3835 * no DNS involved and we already have the filesystem path available */
3836 const char *path = conn->unix_domain_socket;
3838 hostaddr = calloc(1, sizeof(struct Curl_dns_entry));
3840 result = CURLE_OUT_OF_MEMORY;
3842 bool longpath = FALSE;
3843 hostaddr->addr = Curl_unix2addr(path, &longpath,
3844 conn->abstract_unix_socket);
3848 /* Long paths are not supported for now */
3850 failf(data, "Unix socket path too long: '%s'", path);
3851 result = CURLE_COULDNT_RESOLVE_HOST;
3854 result = CURLE_OUT_OF_MEMORY;
3862 if(!conn->bits.proxy) {
3863 struct hostname *connhost;
3864 if(conn->bits.conn_to_host)
3865 connhost = &conn->conn_to_host;
3867 connhost = &conn->host;
3869 /* If not connecting via a proxy, extract the port from the URL, if it is
3870 * there, thus overriding any defaults that might have been set above. */
3871 if(conn->bits.conn_to_port)
3872 conn->port = conn->conn_to_port;
3874 conn->port = conn->remote_port;
3876 /* Resolve target host right on */
3877 rc = Curl_resolv_timeout(conn, connhost->name, (int)conn->port,
3878 &hostaddr, timeout_ms);
3879 if(rc == CURLRESOLV_PENDING)
3882 else if(rc == CURLRESOLV_TIMEDOUT)
3883 result = CURLE_OPERATION_TIMEDOUT;
3885 else if(!hostaddr) {
3886 failf(data, "Couldn't resolve host '%s'", connhost->dispname);
3887 result = CURLE_COULDNT_RESOLVE_HOST;
3888 /* don't return yet, we need to clean up the timeout first */
3892 /* This is a proxy that hasn't been resolved yet. */
3894 struct hostname * const host = conn->bits.socksproxy ?
3895 &conn->socks_proxy.host : &conn->http_proxy.host;
3898 rc = Curl_resolv_timeout(conn, host->name, (int)conn->port,
3899 &hostaddr, timeout_ms);
3901 if(rc == CURLRESOLV_PENDING)
3904 else if(rc == CURLRESOLV_TIMEDOUT)
3905 result = CURLE_OPERATION_TIMEDOUT;
3907 else if(!hostaddr) {
3908 failf(data, "Couldn't resolve proxy '%s'", host->dispname);
3909 result = CURLE_COULDNT_RESOLVE_PROXY;
3910 /* don't return yet, we need to clean up the timeout first */
3913 DEBUGASSERT(conn->dns_entry == NULL);
3914 conn->dns_entry = hostaddr;
3921 * Cleanup the connection just allocated before we can move along and use the
3922 * previously existing one. All relevant data is copied over and old_conn is
3923 * ready for freeing once this function returns.
3925 static void reuse_conn(struct connectdata *old_conn,
3926 struct connectdata *conn)
3928 free_fixed_hostname(&old_conn->http_proxy.host);
3929 free_fixed_hostname(&old_conn->socks_proxy.host);
3931 free(old_conn->http_proxy.host.rawalloc);
3932 free(old_conn->socks_proxy.host.rawalloc);
3934 /* free the SSL config struct from this connection struct as this was
3935 allocated in vain and is targeted for destruction */
3936 Curl_free_primary_ssl_config(&old_conn->ssl_config);
3937 Curl_free_primary_ssl_config(&old_conn->proxy_ssl_config);
3939 conn->data = old_conn->data;
3941 /* get the user+password information from the old_conn struct since it may
3942 * be new for this request even when we re-use an existing connection */
3943 conn->bits.user_passwd = old_conn->bits.user_passwd;
3944 if(conn->bits.user_passwd) {
3945 /* use the new user name and password though */
3946 Curl_safefree(conn->user);
3947 Curl_safefree(conn->passwd);
3948 conn->user = old_conn->user;
3949 conn->passwd = old_conn->passwd;
3950 old_conn->user = NULL;
3951 old_conn->passwd = NULL;
3954 conn->bits.proxy_user_passwd = old_conn->bits.proxy_user_passwd;
3955 if(conn->bits.proxy_user_passwd) {
3956 /* use the new proxy user name and proxy password though */
3957 Curl_safefree(conn->http_proxy.user);
3958 Curl_safefree(conn->socks_proxy.user);
3959 Curl_safefree(conn->http_proxy.passwd);
3960 Curl_safefree(conn->socks_proxy.passwd);
3961 conn->http_proxy.user = old_conn->http_proxy.user;
3962 conn->socks_proxy.user = old_conn->socks_proxy.user;
3963 conn->http_proxy.passwd = old_conn->http_proxy.passwd;
3964 conn->socks_proxy.passwd = old_conn->socks_proxy.passwd;
3965 old_conn->http_proxy.user = NULL;
3966 old_conn->socks_proxy.user = NULL;
3967 old_conn->http_proxy.passwd = NULL;
3968 old_conn->socks_proxy.passwd = NULL;
3971 /* host can change, when doing keepalive with a proxy or if the case is
3972 different this time etc */
3973 free_fixed_hostname(&conn->host);
3974 free_fixed_hostname(&conn->conn_to_host);
3975 Curl_safefree(conn->host.rawalloc);
3976 Curl_safefree(conn->conn_to_host.rawalloc);
3977 conn->host = old_conn->host;
3978 conn->conn_to_host = old_conn->conn_to_host;
3979 conn->conn_to_port = old_conn->conn_to_port;
3980 conn->remote_port = old_conn->remote_port;
3982 /* persist connection info in session handle */
3983 Curl_persistconninfo(conn);
3985 conn_reset_all_postponed_data(old_conn); /* free buffers */
3988 conn->bits.reuse = TRUE; /* yes, we're re-using here */
3990 Curl_safefree(old_conn->user);
3991 Curl_safefree(old_conn->passwd);
3992 Curl_safefree(old_conn->http_proxy.user);
3993 Curl_safefree(old_conn->socks_proxy.user);
3994 Curl_safefree(old_conn->http_proxy.passwd);
3995 Curl_safefree(old_conn->socks_proxy.passwd);
3996 Curl_safefree(old_conn->localdev);
3998 Curl_llist_destroy(&old_conn->send_pipe, NULL);
3999 Curl_llist_destroy(&old_conn->recv_pipe, NULL);
4001 Curl_safefree(old_conn->master_buffer);
4003 #ifdef USE_UNIX_SOCKETS
4004 Curl_safefree(old_conn->unix_domain_socket);
4009 * create_conn() sets up a new connectdata struct, or re-uses an already
4010 * existing one, and resolves host name.
4012 * if this function returns CURLE_OK and *async is set to TRUE, the resolve
4013 * response will be coming asynchronously. If *async is FALSE, the name is
4016 * @param data The sessionhandle pointer
4017 * @param in_connect is set to the next connection data pointer
4018 * @param async is set TRUE when an async DNS resolution is pending
4019 * @see Curl_setup_conn()
4021 * *NOTE* this function assigns the conn->data pointer!
4024 static CURLcode create_conn(struct Curl_easy *data,
4025 struct connectdata **in_connect,
4028 CURLcode result = CURLE_OK;
4029 struct connectdata *conn;
4030 struct connectdata *conn_temp = NULL;
4033 char *passwd = NULL;
4034 char *options = NULL;
4036 bool prot_missing = FALSE;
4037 bool connections_available = TRUE;
4038 bool force_reuse = FALSE;
4039 bool waitpipe = FALSE;
4040 size_t max_host_connections = Curl_multi_max_host_connections(data->multi);
4041 size_t max_total_connections = Curl_multi_max_total_connections(data->multi);
4045 /*************************************************************
4047 *************************************************************/
4049 if(!data->change.url) {
4050 result = CURLE_URL_MALFORMAT;
4054 /* First, split up the current URL in parts so that we can use the
4055 parts for checking against the already present connections. In order
4056 to not have to modify everything at once, we allocate a temporary
4057 connection data struct and fill in for comparison purposes. */
4058 conn = allocate_conn(data);
4061 result = CURLE_OUT_OF_MEMORY;
4065 /* We must set the return variable as soon as possible, so that our
4066 parent can cleanup any possible allocs we may have done before
4070 /* This initing continues below, see the comment "Continue connectdata
4071 * initialization here" */
4073 /***********************************************************
4074 * We need to allocate memory to store the path in. We get the size of the
4075 * full URL to be sure, and we need to make it at least 256 bytes since
4076 * other parts of the code will rely on this fact
4077 ***********************************************************/
4078 #define LEAST_PATH_ALLOC 256
4079 urllen = strlen(data->change.url);
4080 if(urllen < LEAST_PATH_ALLOC)
4081 urllen = LEAST_PATH_ALLOC;
4084 * We malloc() the buffers below urllen+2 to make room for 2 possibilities:
4085 * 1 - an extra terminating zero
4086 * 2 - an extra slash (in case a syntax like "www.host.com?moo" is used)
4089 Curl_safefree(data->state.pathbuffer);
4090 data->state.path = NULL;
4092 data->state.pathbuffer = malloc(urllen + 2);
4093 if(NULL == data->state.pathbuffer) {
4094 result = CURLE_OUT_OF_MEMORY; /* really bad error */
4097 data->state.path = data->state.pathbuffer;
4099 conn->host.rawalloc = malloc(urllen + 2);
4100 if(NULL == conn->host.rawalloc) {
4101 Curl_safefree(data->state.pathbuffer);
4102 data->state.path = NULL;
4103 result = CURLE_OUT_OF_MEMORY;
4107 conn->host.name = conn->host.rawalloc;
4108 conn->host.name[0] = 0;
4111 passwd = strdup("");
4112 options = strdup("");
4113 if(!user || !passwd || !options) {
4114 result = CURLE_OUT_OF_MEMORY;
4118 result = parseurlandfillconn(data, conn, &prot_missing, &user, &passwd,
4123 /*************************************************************
4124 * No protocol part in URL was used, add it!
4125 *************************************************************/
4127 /* We're guessing prefixes here and if we're told to use a proxy or if
4128 we're going to follow a Location: later or... then we need the protocol
4129 part added so that we have a valid URL. */
4133 reurl = aprintf("%s://%s", conn->handler->scheme, data->change.url);
4136 result = CURLE_OUT_OF_MEMORY;
4140 /* Change protocol prefix to lower-case */
4141 for(ch_lower = reurl; *ch_lower != ':'; ch_lower++)
4142 *ch_lower = (char)TOLOWER(*ch_lower);
4144 if(data->change.url_alloc) {
4145 Curl_safefree(data->change.url);
4146 data->change.url_alloc = FALSE;
4149 data->change.url = reurl;
4150 data->change.url_alloc = TRUE; /* free this later */
4153 /*************************************************************
4154 * If the protocol can't handle url query strings, then cut
4155 * off the unhandable part
4156 *************************************************************/
4157 if((conn->given->flags&PROTOPT_NOURLQUERY)) {
4158 char *path_q_sep = strchr(conn->data->state.path, '?');
4160 /* according to rfc3986, allow the query (?foo=bar)
4161 also on protocols that can't handle it.
4163 cut the string-part after '?'
4166 /* terminate the string */
4171 if(data->set.str[STRING_BEARER]) {
4172 conn->oauth_bearer = strdup(data->set.str[STRING_BEARER]);
4173 if(!conn->oauth_bearer) {
4174 result = CURLE_OUT_OF_MEMORY;
4179 #ifdef USE_UNIX_SOCKETS
4180 if(data->set.str[STRING_UNIX_SOCKET_PATH]) {
4181 conn->unix_domain_socket = strdup(data->set.str[STRING_UNIX_SOCKET_PATH]);
4182 if(conn->unix_domain_socket == NULL) {
4183 result = CURLE_OUT_OF_MEMORY;
4186 conn->abstract_unix_socket = data->set.abstract_unix_socket;
4190 /* After the unix socket init but before the proxy vars are used, parse and
4191 initialize the proxy vars */
4192 #ifndef CURL_DISABLE_PROXY
4193 result = create_conn_helper_init_proxy(conn);
4198 /*************************************************************
4199 * If the protocol is using SSL and HTTP proxy is used, we set
4200 * the tunnel_proxy bit.
4201 *************************************************************/
4202 if((conn->given->flags&PROTOPT_SSL) && conn->bits.httpproxy)
4203 conn->bits.tunnel_proxy = TRUE;
4205 /*************************************************************
4206 * Figure out the remote port number and fix it in the URL
4207 *************************************************************/
4208 result = parse_remote_port(data, conn);
4212 /* Check for overridden login details and set them accordingly so they
4213 they are known when protocol->setup_connection is called! */
4214 result = override_login(data, conn, &user, &passwd, &options);
4217 result = set_login(conn, user, passwd, options);
4221 /*************************************************************
4222 * Process the "connect to" linked list of hostname/port mappings.
4223 * Do this after the remote port number has been fixed in the URL.
4224 *************************************************************/
4225 result = parse_connect_to_slist(data, conn, data->set.connect_to);
4229 /*************************************************************
4230 * IDN-fix the hostnames
4231 *************************************************************/
4232 result = fix_hostname(conn, &conn->host);
4235 if(conn->bits.conn_to_host) {
4236 result = fix_hostname(conn, &conn->conn_to_host);
4240 if(conn->bits.httpproxy) {
4241 result = fix_hostname(conn, &conn->http_proxy.host);
4245 if(conn->bits.socksproxy) {
4246 result = fix_hostname(conn, &conn->socks_proxy.host);
4251 /*************************************************************
4252 * Check whether the host and the "connect to host" are equal.
4253 * Do this after the hostnames have been IDN-fixed.
4254 *************************************************************/
4255 if(conn->bits.conn_to_host &&
4256 strcasecompare(conn->conn_to_host.name, conn->host.name)) {
4257 conn->bits.conn_to_host = FALSE;
4260 /*************************************************************
4261 * Check whether the port and the "connect to port" are equal.
4262 * Do this after the remote port number has been fixed in the URL.
4263 *************************************************************/
4264 if(conn->bits.conn_to_port && conn->conn_to_port == conn->remote_port) {
4265 conn->bits.conn_to_port = FALSE;
4268 /*************************************************************
4269 * If the "connect to" feature is used with an HTTP proxy,
4270 * we set the tunnel_proxy bit.
4271 *************************************************************/
4272 if((conn->bits.conn_to_host || conn->bits.conn_to_port) &&
4273 conn->bits.httpproxy)
4274 conn->bits.tunnel_proxy = TRUE;
4276 /*************************************************************
4277 * Setup internals depending on protocol. Needs to be done after
4278 * we figured out what/if proxy to use.
4279 *************************************************************/
4280 result = setup_connection_internals(conn);
4284 conn->recv[FIRSTSOCKET] = Curl_recv_plain;
4285 conn->send[FIRSTSOCKET] = Curl_send_plain;
4286 conn->recv[SECONDARYSOCKET] = Curl_recv_plain;
4287 conn->send[SECONDARYSOCKET] = Curl_send_plain;
4289 conn->bits.tcp_fastopen = data->set.tcp_fastopen;
4291 /***********************************************************************
4292 * file: is a special case in that it doesn't need a network connection
4293 ***********************************************************************/
4294 #ifndef CURL_DISABLE_FILE
4295 if(conn->handler->flags & PROTOPT_NONETWORK) {
4297 /* this is supposed to be the connect function so we better at least check
4298 that the file is present here! */
4299 DEBUGASSERT(conn->handler->connect_it);
4300 result = conn->handler->connect_it(conn, &done);
4302 /* Setup a "faked" transfer that'll do nothing */
4305 conn->bits.tcpconnect[FIRSTSOCKET] = TRUE; /* we are "connected */
4307 Curl_conncache_add_conn(data->state.conn_cache, conn);
4310 * Setup whatever necessary for a resumed transfer
4312 result = setup_range(data);
4314 DEBUGASSERT(conn->handler->done);
4315 /* we ignore the return code for the protocol-specific DONE */
4316 (void)conn->handler->done(conn, result, FALSE);
4320 Curl_setup_transfer(conn, -1, -1, FALSE, NULL, /* no download */
4321 -1, NULL); /* no upload */
4324 /* since we skip do_init() */
4325 Curl_init_do(data, conn);
4331 /* Get a cloned copy of the SSL config situation stored in the
4332 connection struct. But to get this going nicely, we must first make
4333 sure that the strings in the master copy are pointing to the correct
4334 strings in the session handle strings array!
4336 Keep in mind that the pointers in the master copy are pointing to strings
4337 that will be freed as part of the Curl_easy struct, but all cloned
4338 copies will be separately allocated.
4340 data->set.ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH_ORIG];
4341 data->set.proxy_ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH_PROXY];
4342 data->set.ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE_ORIG];
4343 data->set.proxy_ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE_PROXY];
4344 data->set.ssl.primary.random_file = data->set.str[STRING_SSL_RANDOM_FILE];
4345 data->set.proxy_ssl.primary.random_file =
4346 data->set.str[STRING_SSL_RANDOM_FILE];
4347 data->set.ssl.primary.egdsocket = data->set.str[STRING_SSL_EGDSOCKET];
4348 data->set.proxy_ssl.primary.egdsocket = data->set.str[STRING_SSL_EGDSOCKET];
4349 data->set.ssl.primary.cipher_list =
4350 data->set.str[STRING_SSL_CIPHER_LIST_ORIG];
4351 data->set.proxy_ssl.primary.cipher_list =
4352 data->set.str[STRING_SSL_CIPHER_LIST_PROXY];
4354 data->set.ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_ORIG];
4355 data->set.proxy_ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_PROXY];
4356 data->set.ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT_ORIG];
4357 data->set.proxy_ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT_PROXY];
4358 data->set.ssl.cert = data->set.str[STRING_CERT_ORIG];
4359 data->set.proxy_ssl.cert = data->set.str[STRING_CERT_PROXY];
4360 data->set.ssl.cert_type = data->set.str[STRING_CERT_TYPE_ORIG];
4361 data->set.proxy_ssl.cert_type = data->set.str[STRING_CERT_TYPE_PROXY];
4362 data->set.ssl.key = data->set.str[STRING_KEY_ORIG];
4363 data->set.proxy_ssl.key = data->set.str[STRING_KEY_PROXY];
4364 data->set.ssl.key_type = data->set.str[STRING_KEY_TYPE_ORIG];
4365 data->set.proxy_ssl.key_type = data->set.str[STRING_KEY_TYPE_PROXY];
4366 data->set.ssl.key_passwd = data->set.str[STRING_KEY_PASSWD_ORIG];
4367 data->set.proxy_ssl.key_passwd = data->set.str[STRING_KEY_PASSWD_PROXY];
4368 data->set.ssl.primary.clientcert = data->set.str[STRING_CERT_ORIG];
4369 data->set.proxy_ssl.primary.clientcert = data->set.str[STRING_CERT_PROXY];
4371 data->set.ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_ORIG];
4372 data->set.proxy_ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_PROXY];
4373 data->set.ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_ORIG];
4374 data->set.proxy_ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_PROXY];
4377 if(!Curl_clone_primary_ssl_config(&data->set.ssl.primary,
4378 &conn->ssl_config)) {
4379 result = CURLE_OUT_OF_MEMORY;
4383 if(!Curl_clone_primary_ssl_config(&data->set.proxy_ssl.primary,
4384 &conn->proxy_ssl_config)) {
4385 result = CURLE_OUT_OF_MEMORY;
4389 prune_dead_connections(data);
4391 /*************************************************************
4392 * Check the current list of connections to see if we can
4393 * re-use an already existing one or if we have to create a
4395 *************************************************************/
4397 /* reuse_fresh is TRUE if we are told to use a new connection by force, but
4398 we only acknowledge this option if this is not a re-used connection
4399 already (which happens due to follow-location or during a HTTP
4400 authentication phase). */
4401 if(data->set.reuse_fresh && !data->state.this_is_a_follow)
4404 reuse = ConnectionExists(data, conn, &conn_temp, &force_reuse, &waitpipe);
4406 /* If we found a reusable connection that is now marked as in use, we may
4407 still want to open a new connection if we are pipelining. */
4408 if(reuse && !force_reuse && IsPipeliningPossible(data, conn_temp)) {
4409 size_t pipelen = conn_temp->send_pipe.size + conn_temp->recv_pipe.size;
4411 infof(data, "Found connection %ld, with requests in the pipe (%zu)\n",
4412 conn_temp->connection_id, pipelen);
4414 if(Curl_conncache_bundle_size(conn_temp) < max_host_connections &&
4415 Curl_conncache_size(data) < max_total_connections) {
4416 /* We want a new connection anyway */
4419 infof(data, "We can reuse, but we want a new connection anyway\n");
4420 Curl_conncache_return_conn(conn_temp);
4427 * We already have a connection for this, we got the former connection
4428 * in the conn_temp variable and thus we need to cleanup the one we
4429 * just allocated before we can move along and use the previously
4432 reuse_conn(conn, conn_temp);
4434 free(conn->ssl_extra);
4436 free(conn); /* we don't need this anymore */
4440 infof(data, "Re-using existing connection! (#%ld) with %s %s\n",
4441 conn->connection_id,
4442 conn->bits.proxy?"proxy":"host",
4443 conn->socks_proxy.host.name ? conn->socks_proxy.host.dispname :
4444 conn->http_proxy.host.name ? conn->http_proxy.host.dispname :
4445 conn->host.dispname);
4448 /* We have decided that we want a new connection. However, we may not
4449 be able to do that if we have reached the limit of how many
4450 connections we are allowed to open. */
4452 if(conn->handler->flags & PROTOPT_ALPN_NPN) {
4453 /* The protocol wants it, so set the bits if enabled in the easy handle
4455 if(data->set.ssl_enable_alpn)
4456 conn->bits.tls_enable_alpn = TRUE;
4457 if(data->set.ssl_enable_npn)
4458 conn->bits.tls_enable_npn = TRUE;
4462 /* There is a connection that *might* become usable for pipelining
4463 "soon", and we wait for that */
4464 connections_available = FALSE;
4466 /* this gets a lock on the conncache */
4467 struct connectbundle *bundle =
4468 Curl_conncache_find_bundle(conn, data->state.conn_cache);
4470 if(max_host_connections > 0 && bundle &&
4471 (bundle->num_connections >= max_host_connections)) {
4472 struct connectdata *conn_candidate;
4474 /* The bundle is full. Extract the oldest connection. */
4475 conn_candidate = Curl_conncache_extract_bundle(data, bundle);
4476 Curl_conncache_unlock(conn);
4478 if(conn_candidate) {
4479 /* Set the connection's owner correctly, then kill it */
4480 conn_candidate->data = data;
4481 (void)Curl_disconnect(conn_candidate, /* dead_connection */ FALSE);
4484 infof(data, "No more connections allowed to host: %d\n",
4485 max_host_connections);
4486 connections_available = FALSE;
4490 Curl_conncache_unlock(conn);
4494 if(connections_available &&
4495 (max_total_connections > 0) &&
4496 (Curl_conncache_size(data) >= max_total_connections)) {
4497 struct connectdata *conn_candidate;
4499 /* The cache is full. Let's see if we can kill a connection. */
4500 conn_candidate = Curl_conncache_extract_oldest(data);
4502 if(conn_candidate) {
4503 /* Set the connection's owner correctly, then kill it */
4504 conn_candidate->data = data;
4505 (void)Curl_disconnect(conn_candidate, /* dead_connection */ FALSE);
4508 infof(data, "No connections available in cache\n");
4509 connections_available = FALSE;
4513 if(!connections_available) {
4514 infof(data, "No connections available.\n");
4519 result = CURLE_NO_CONNECTION_AVAILABLE;
4523 /* Mark the connection as used, before we add it */
4527 * This is a brand new connection, so let's store it in the connection
4530 Curl_conncache_add_conn(data->state.conn_cache, conn);
4533 #if defined(USE_NTLM)
4534 /* If NTLM is requested in a part of this connection, make sure we don't
4535 assume the state is fine as this is a fresh connection and NTLM is
4536 connection based. */
4537 if((data->state.authhost.picked & (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
4538 data->state.authhost.done) {
4539 infof(data, "NTLM picked AND auth done set, clear picked!\n");
4540 data->state.authhost.picked = CURLAUTH_NONE;
4541 data->state.authhost.done = FALSE;
4544 if((data->state.authproxy.picked & (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
4545 data->state.authproxy.done) {
4546 infof(data, "NTLM-proxy picked AND auth done set, clear picked!\n");
4547 data->state.authproxy.picked = CURLAUTH_NONE;
4548 data->state.authproxy.done = FALSE;
4553 /* Setup and init stuff before DO starts, in preparing for the transfer. */
4554 Curl_init_do(data, conn);
4557 * Setup whatever necessary for a resumed transfer
4559 result = setup_range(data);
4563 /* Continue connectdata initialization here. */
4566 * Inherit the proper values from the urldata struct AFTER we have arranged
4567 * the persistent connection stuff
4569 conn->seek_func = data->set.seek_func;
4570 conn->seek_client = data->set.seek_client;
4572 /*************************************************************
4573 * Resolve the address of the server or proxy
4574 *************************************************************/
4575 result = resolve_server(data, conn, async);
4585 /* Curl_setup_conn() is called after the name resolve initiated in
4586 * create_conn() is all done.
4588 * Curl_setup_conn() also handles reused connections
4590 * conn->data MUST already have been setup fine (in create_conn)
4593 CURLcode Curl_setup_conn(struct connectdata *conn,
4594 bool *protocol_done)
4596 CURLcode result = CURLE_OK;
4597 struct Curl_easy *data = conn->data;
4599 Curl_pgrsTime(data, TIMER_NAMELOOKUP);
4601 if(conn->handler->flags & PROTOPT_NONETWORK) {
4602 /* nothing to setup when not using a network */
4603 *protocol_done = TRUE;
4606 *protocol_done = FALSE; /* default to not done */
4608 /* set proxy_connect_closed to false unconditionally already here since it
4609 is used strictly to provide extra information to a parent function in the
4610 case of proxy CONNECT failures and we must make sure we don't have it
4611 lingering set from a previous invoke */
4612 conn->bits.proxy_connect_closed = FALSE;
4615 * Set user-agent. Used for HTTP, but since we can attempt to tunnel
4616 * basically anything through a http proxy we can't limit this based on
4619 if(data->set.str[STRING_USERAGENT]) {
4620 Curl_safefree(conn->allocptr.uagent);
4621 conn->allocptr.uagent =
4622 aprintf("User-Agent: %s\r\n", data->set.str[STRING_USERAGENT]);
4623 if(!conn->allocptr.uagent)
4624 return CURLE_OUT_OF_MEMORY;
4627 data->req.headerbytecount = 0;
4629 #ifdef CURL_DO_LINEEND_CONV
4630 data->state.crlf_conversions = 0; /* reset CRLF conversion counter */
4631 #endif /* CURL_DO_LINEEND_CONV */
4633 /* set start time here for timeout purposes in the connect procedure, it
4634 is later set again for the progress meter purpose */
4635 conn->now = Curl_now();
4637 if(CURL_SOCKET_BAD == conn->sock[FIRSTSOCKET]) {
4638 conn->bits.tcpconnect[FIRSTSOCKET] = FALSE;
4639 result = Curl_connecthost(conn, conn->dns_entry);
4644 Curl_pgrsTime(data, TIMER_CONNECT); /* we're connected already */
4645 Curl_pgrsTime(data, TIMER_APPCONNECT); /* we're connected already */
4646 conn->bits.tcpconnect[FIRSTSOCKET] = TRUE;
4647 *protocol_done = TRUE;
4648 Curl_updateconninfo(conn, conn->sock[FIRSTSOCKET]);
4649 Curl_verboseconnect(conn);
4652 conn->now = Curl_now(); /* time this *after* the connect is done, we set
4653 this here perhaps a second time */
4657 CURLcode Curl_connect(struct Curl_easy *data,
4658 struct connectdata **in_connect,
4660 bool *protocol_done)
4664 *asyncp = FALSE; /* assume synchronous resolves by default */
4666 /* call the stuff that needs to be called */
4667 result = create_conn(data, in_connect, asyncp);
4671 if((*in_connect)->send_pipe.size || (*in_connect)->recv_pipe.size)
4673 *protocol_done = TRUE;
4675 /* DNS resolution is done: that's either because this is a reused
4676 connection, in which case DNS was unnecessary, or because DNS
4677 really did finish already (synch resolver/fast async resolve) */
4678 result = Curl_setup_conn(*in_connect, protocol_done);
4682 if(result == CURLE_NO_CONNECTION_AVAILABLE) {
4687 if(result && *in_connect) {
4688 /* We're not allowed to return failure with memory left allocated
4689 in the connectdata struct, free those here */
4690 Curl_disconnect(*in_connect, FALSE); /* close the connection */
4691 *in_connect = NULL; /* return a NULL */
4698 * Curl_init_do() inits the readwrite session. This is inited each time (in
4699 * the DO function before the protocol-specific DO functions are invoked) for
4700 * a transfer, sometimes multiple times on the same Curl_easy. Make sure
4701 * nothing in here depends on stuff that are setup dynamically for the
4704 * Allow this function to get called with 'conn' set to NULL.
4707 CURLcode Curl_init_do(struct Curl_easy *data, struct connectdata *conn)
4709 struct SingleRequest *k = &data->req;
4711 conn->bits.do_more = FALSE; /* by default there's no curl_do_more() to
4714 data->state.done = FALSE; /* *_done() is not called yet */
4715 data->state.expect100header = FALSE;
4717 /* if the protocol used doesn't support wildcards, switch it off */
4718 if(data->state.wildcardmatch &&
4719 !(conn->handler->flags & PROTOPT_WILDCARD))
4720 data->state.wildcardmatch = FALSE;
4722 if(data->set.opt_no_body)
4723 /* in HTTP lingo, no body means using the HEAD request... */
4724 data->set.httpreq = HTTPREQ_HEAD;
4725 else if(HTTPREQ_HEAD == data->set.httpreq)
4726 /* ... but if unset there really is no perfect method that is the
4727 "opposite" of HEAD but in reality most people probably think GET
4728 then. The important thing is that we can't let it remain HEAD if the
4729 opt_no_body is set FALSE since then we'll behave wrong when getting
4731 data->set.httpreq = HTTPREQ_GET;
4733 k->start = Curl_now(); /* start time */
4734 k->now = k->start; /* current time is now */
4735 k->header = TRUE; /* assume header */
4739 k->buf = data->state.buffer;
4740 k->hbufp = data->state.headerbuff;
4741 k->ignorebody = FALSE;
4743 Curl_speedinit(data);
4745 Curl_pgrsSetUploadCounter(data, 0);
4746 Curl_pgrsSetDownloadCounter(data, 0);
4752 * get_protocol_family()
4754 * This is used to return the protocol family for a given protocol.
4758 * protocol [in] - A single bit protocol identifier such as HTTP or HTTPS.
4760 * Returns the family as a single bit protocol identifier.
4763 static unsigned int get_protocol_family(unsigned int protocol)
4765 unsigned int family;
4768 case CURLPROTO_HTTP:
4769 case CURLPROTO_HTTPS:
4770 family = CURLPROTO_HTTP;
4774 case CURLPROTO_FTPS:
4775 family = CURLPROTO_FTP;
4779 family = CURLPROTO_SCP;
4782 case CURLPROTO_SFTP:
4783 family = CURLPROTO_SFTP;
4786 case CURLPROTO_TELNET:
4787 family = CURLPROTO_TELNET;
4790 case CURLPROTO_LDAP:
4791 case CURLPROTO_LDAPS:
4792 family = CURLPROTO_LDAP;
4795 case CURLPROTO_DICT:
4796 family = CURLPROTO_DICT;
4799 case CURLPROTO_FILE:
4800 family = CURLPROTO_FILE;
4803 case CURLPROTO_TFTP:
4804 family = CURLPROTO_TFTP;
4807 case CURLPROTO_IMAP:
4808 case CURLPROTO_IMAPS:
4809 family = CURLPROTO_IMAP;
4812 case CURLPROTO_POP3:
4813 case CURLPROTO_POP3S:
4814 family = CURLPROTO_POP3;
4817 case CURLPROTO_SMTP:
4818 case CURLPROTO_SMTPS:
4819 family = CURLPROTO_SMTP;
4822 case CURLPROTO_RTSP:
4823 family = CURLPROTO_RTSP;
4826 case CURLPROTO_RTMP:
4827 case CURLPROTO_RTMPS:
4828 family = CURLPROTO_RTMP;
4831 case CURLPROTO_RTMPT:
4832 case CURLPROTO_RTMPTS:
4833 family = CURLPROTO_RTMPT;
4836 case CURLPROTO_RTMPE:
4837 family = CURLPROTO_RTMPE;
4840 case CURLPROTO_RTMPTE:
4841 family = CURLPROTO_RTMPTE;
4844 case CURLPROTO_GOPHER:
4845 family = CURLPROTO_GOPHER;
4849 case CURLPROTO_SMBS:
4850 family = CURLPROTO_SMB;
projects / platform / upstream / curl.git / blob