1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 ***************************************************************************/
23 #include "curl_setup.h"
25 #ifdef HAVE_NETINET_IN_H
26 #include <netinet/in.h>
31 #ifdef HAVE_ARPA_INET_H
32 #include <arpa/inet.h>
37 #ifdef HAVE_SYS_IOCTL_H
38 #include <sys/ioctl.h>
41 #ifdef HAVE_SYS_PARAM_H
42 #include <sys/param.h>
55 #error "We can't compile without socket() support!"
65 #elif defined(USE_WIN32_IDN)
66 /* prototype for curl_win32_idn_to_ascii() */
67 bool curl_win32_idn_to_ascii(const char *in, char **out);
68 #endif /* USE_LIBIDN2 */
74 #include "vtls/vtls.h"
85 #include "content_encoding.h"
86 #include "http_digest.h"
87 #include "http_negotiate.h"
91 #include "speedcheck.h"
93 #include "non-ascii.h"
94 #include "inet_pton.h"
97 /* And now for the protocols */
105 #include "curl_ldap.h"
110 #include "inet_ntop.h"
111 #include "http_ntlm.h"
112 #include "curl_ntlm_wb.h"
114 #include "curl_rtmp.h"
116 #include "http_proxy.h"
117 #include "conncache.h"
118 #include "multihandle.h"
119 #include "pipeline.h"
122 /* The last 3 #include files should be in this order */
123 #include "curl_printf.h"
124 #include "curl_memory.h"
125 #include "memdebug.h"
127 /* Local static prototypes */
128 static struct connectdata *
129 find_oldest_idle_connection_in_bundle(struct Curl_easy *data,
130 struct connectbundle *bundle);
131 static void conn_free(struct connectdata *conn);
132 static void free_fixed_hostname(struct hostname *host);
133 static void signalPipeClose(struct curl_llist *pipeline, bool pipe_broke);
134 static CURLcode parse_url_login(struct Curl_easy *data,
135 struct connectdata *conn,
136 char **userptr, char **passwdptr,
138 static CURLcode parse_login_details(const char *login, const size_t len,
139 char **userptr, char **passwdptr,
141 static unsigned int get_protocol_family(unsigned int protocol);
147 static const struct Curl_handler * const protocols[] = {
149 #ifndef CURL_DISABLE_HTTP
153 #if defined(USE_SSL) && !defined(CURL_DISABLE_HTTP)
157 #ifndef CURL_DISABLE_FTP
161 #if defined(USE_SSL) && !defined(CURL_DISABLE_FTP)
165 #ifndef CURL_DISABLE_TELNET
166 &Curl_handler_telnet,
169 #ifndef CURL_DISABLE_DICT
173 #ifndef CURL_DISABLE_LDAP
175 #if !defined(CURL_DISABLE_LDAPS) && \
176 ((defined(USE_OPENLDAP) && defined(USE_SSL)) || \
177 (!defined(USE_OPENLDAP) && defined(HAVE_LDAP_SSL)))
182 #ifndef CURL_DISABLE_FILE
186 #ifndef CURL_DISABLE_TFTP
195 #ifndef CURL_DISABLE_IMAP
202 #ifndef CURL_DISABLE_POP3
209 #if !defined(CURL_DISABLE_SMB) && defined(USE_NTLM) && \
210 (CURL_SIZEOF_CURL_OFF_T > 4) && \
211 (!defined(USE_WINDOWS_SSPI) || defined(USE_WIN32_CRYPTO))
218 #ifndef CURL_DISABLE_SMTP
225 #ifndef CURL_DISABLE_RTSP
229 #ifndef CURL_DISABLE_GOPHER
230 &Curl_handler_gopher,
237 &Curl_handler_rtmpte,
239 &Curl_handler_rtmpts,
242 (struct Curl_handler *) NULL
246 * Dummy handler for undefined protocol schemes.
249 static const struct Curl_handler Curl_handler_dummy = {
250 "<no protocol>", /* scheme */
251 ZERO_NULL, /* setup_connection */
252 ZERO_NULL, /* do_it */
253 ZERO_NULL, /* done */
254 ZERO_NULL, /* do_more */
255 ZERO_NULL, /* connect_it */
256 ZERO_NULL, /* connecting */
257 ZERO_NULL, /* doing */
258 ZERO_NULL, /* proto_getsock */
259 ZERO_NULL, /* doing_getsock */
260 ZERO_NULL, /* domore_getsock */
261 ZERO_NULL, /* perform_getsock */
262 ZERO_NULL, /* disconnect */
263 ZERO_NULL, /* readwrite */
266 PROTOPT_NONE /* flags */
269 void Curl_freeset(struct Curl_easy *data)
271 /* Free all dynamic strings stored in the data->set substructure. */
273 for(i=(enum dupstring)0; i < STRING_LAST; i++) {
274 Curl_safefree(data->set.str[i]);
277 if(data->change.referer_alloc) {
278 Curl_safefree(data->change.referer);
279 data->change.referer_alloc = FALSE;
281 data->change.referer = NULL;
282 if(data->change.url_alloc) {
283 Curl_safefree(data->change.url);
284 data->change.url_alloc = FALSE;
286 data->change.url = NULL;
289 static CURLcode setstropt(char **charp, const char *s)
291 /* Release the previous storage at `charp' and replace by a dynamic storage
292 copy of `s'. Return CURLE_OK or CURLE_OUT_OF_MEMORY. */
294 Curl_safefree(*charp);
297 char *str = strdup(s);
300 return CURLE_OUT_OF_MEMORY;
308 static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp)
310 CURLcode result = CURLE_OK;
314 /* Parse the login details if specified. It not then we treat NULL as a hint
315 to clear the existing data */
317 result = parse_login_details(option, strlen(option),
318 (userp ? &user : NULL),
319 (passwdp ? &passwd : NULL),
324 /* Store the username part of option if required */
326 if(!user && option && option[0] == ':') {
327 /* Allocate an empty string instead of returning NULL as user name */
330 result = CURLE_OUT_OF_MEMORY;
333 Curl_safefree(*userp);
337 /* Store the password part of option if required */
339 Curl_safefree(*passwdp);
347 CURLcode Curl_dupset(struct Curl_easy *dst, struct Curl_easy *src)
349 CURLcode result = CURLE_OK;
352 /* Copy src->set into dst->set first, then deal with the strings
356 /* clear all string pointers first */
357 memset(dst->set.str, 0, STRING_LAST * sizeof(char *));
359 /* duplicate all strings */
360 for(i=(enum dupstring)0; i< STRING_LASTZEROTERMINATED; i++) {
361 result = setstropt(&dst->set.str[i], src->set.str[i]);
366 /* duplicate memory areas pointed to */
367 i = STRING_COPYPOSTFIELDS;
368 if(src->set.postfieldsize && src->set.str[i]) {
369 /* postfieldsize is curl_off_t, Curl_memdup() takes a size_t ... */
370 dst->set.str[i] = Curl_memdup(src->set.str[i],
371 curlx_sotouz(src->set.postfieldsize));
373 return CURLE_OUT_OF_MEMORY;
374 /* point to the new copy */
375 dst->set.postfields = dst->set.str[i];
382 * This is the internal function curl_easy_cleanup() calls. This should
383 * cleanup and free all resources associated with this sessionhandle.
385 * NOTE: if we ever add something that attempts to write to a socket or
386 * similar here, we must ignore SIGPIPE first. It is currently only done
387 * when curl_easy_perform() is invoked.
390 CURLcode Curl_close(struct Curl_easy *data)
392 struct Curl_multi *m;
397 Curl_expire_clear(data); /* shut off timers */
402 /* This handle is still part of a multi handle, take care of this first
403 and detach this handle from there. */
404 curl_multi_remove_handle(data->multi, data);
407 /* when curl_easy_perform() is used, it creates its own multi handle to
408 use and this is the one */
409 curl_multi_cleanup(data->multi_easy);
411 /* Destroy the timeout list that is held in the easy handle. It is
412 /normally/ done by curl_multi_remove_handle() but this is "just in
414 if(data->state.timeoutlist) {
415 Curl_llist_destroy(data->state.timeoutlist, NULL);
416 data->state.timeoutlist = NULL;
419 data->magic = 0; /* force a clear AFTER the possibly enforced removal from
420 the multi handle, since that function uses the magic
423 if(data->state.rangestringalloc)
424 free(data->state.range);
426 /* Free the pathbuffer */
427 Curl_safefree(data->state.pathbuffer);
428 data->state.path = NULL;
430 /* freed here just in case DONE wasn't called */
431 Curl_free_request_state(data);
433 /* Close down all open SSL info and sessions */
434 Curl_ssl_close_all(data);
435 Curl_safefree(data->state.first_host);
436 Curl_safefree(data->state.scratch);
437 Curl_ssl_free_certinfo(data);
439 /* Cleanup possible redirect junk */
440 free(data->req.newurl);
441 data->req.newurl = NULL;
443 if(data->change.referer_alloc) {
444 Curl_safefree(data->change.referer);
445 data->change.referer_alloc = FALSE;
447 data->change.referer = NULL;
449 if(data->change.url_alloc) {
450 Curl_safefree(data->change.url);
451 data->change.url_alloc = FALSE;
453 data->change.url = NULL;
455 Curl_safefree(data->state.buffer);
456 Curl_safefree(data->state.headerbuff);
458 Curl_flush_cookies(data, 1);
460 Curl_digest_cleanup(data);
462 Curl_safefree(data->info.contenttype);
463 Curl_safefree(data->info.wouldredirect);
465 /* this destroys the channel and we cannot use it anymore after this */
466 Curl_resolver_cleanup(data->state.resolver);
468 Curl_http2_cleanup_dependencies(data);
469 Curl_convert_close(data);
471 /* No longer a dirty share, if it exists */
473 Curl_share_lock(data, CURL_LOCK_DATA_SHARE, CURL_LOCK_ACCESS_SINGLE);
474 data->share->dirty--;
475 Curl_share_unlock(data, CURL_LOCK_DATA_SHARE);
478 if(data->set.wildcardmatch) {
479 /* destruct wildcard structures if it is needed */
480 struct WildcardData *wc = &data->wildcard;
481 Curl_wildcard_dtor(wc);
490 * Initialize the UserDefined fields within a Curl_easy.
491 * This may be safely called on a new or existing Curl_easy.
493 CURLcode Curl_init_userdefined(struct UserDefined *set)
495 CURLcode result = CURLE_OK;
497 set->out = stdout; /* default output to stdout */
498 set->in_set = stdin; /* default input from stdin */
499 set->err = stderr; /* default stderr to stderr */
501 /* use fwrite as default function to store output */
502 set->fwrite_func = (curl_write_callback)fwrite;
504 /* use fread as default function to read input */
505 set->fread_func_set = (curl_read_callback)fread;
506 set->is_fread_set = 0;
507 set->is_fwrite_set = 0;
509 set->seek_func = ZERO_NULL;
510 set->seek_client = ZERO_NULL;
512 /* conversion callbacks for non-ASCII hosts */
513 set->convfromnetwork = ZERO_NULL;
514 set->convtonetwork = ZERO_NULL;
515 set->convfromutf8 = ZERO_NULL;
517 set->filesize = -1; /* we don't know the size */
518 set->postfieldsize = -1; /* unknown size */
519 set->maxredirs = -1; /* allow any amount by default */
521 set->httpreq = HTTPREQ_GET; /* Default HTTP request */
522 set->rtspreq = RTSPREQ_OPTIONS; /* Default RTSP request */
523 set->ftp_use_epsv = TRUE; /* FTP defaults to EPSV operations */
524 set->ftp_use_eprt = TRUE; /* FTP defaults to EPRT operations */
525 set->ftp_use_pret = FALSE; /* mainly useful for drftpd servers */
526 set->ftp_filemethod = FTPFILE_MULTICWD;
528 set->dns_cache_timeout = 60; /* Timeout every 60 seconds by default */
530 /* Set the default size of the SSL session ID cache */
531 set->general_ssl.max_ssl_sessions = 5;
534 set->proxytype = CURLPROXY_HTTP; /* defaults to HTTP proxy */
535 set->httpauth = CURLAUTH_BASIC; /* defaults to basic */
536 set->proxyauth = CURLAUTH_BASIC; /* defaults to basic */
538 /* make libcurl quiet by default: */
539 set->hide_progress = TRUE; /* CURLOPT_NOPROGRESS changes these */
542 * libcurl 7.10 introduced SSL verification *by default*! This needs to be
543 * switched off unless wanted.
545 set->ssl.primary.verifypeer = TRUE;
546 set->ssl.primary.verifyhost = TRUE;
548 set->ssl.authtype = CURL_TLSAUTH_NONE;
550 set->ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
552 set->ssl.primary.sessionid = TRUE; /* session ID caching enabled by
554 set->proxy_ssl = set->ssl;
556 set->new_file_perms = 0644; /* Default permissions */
557 set->new_directory_perms = 0755; /* Default permissions */
559 /* for the *protocols fields we don't use the CURLPROTO_ALL convenience
560 define since we internally only use the lower 16 bits for the passed
561 in bitmask to not conflict with the private bits */
562 set->allowed_protocols = CURLPROTO_ALL;
563 set->redir_protocols = CURLPROTO_ALL & /* All except FILE, SCP and SMB */
564 ~(CURLPROTO_FILE | CURLPROTO_SCP | CURLPROTO_SMB |
567 #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
569 * disallow unprotected protection negotiation NEC reference implementation
570 * seem not to follow rfc1961 section 4.3/4.4
572 set->socks5_gssapi_nec = FALSE;
575 /* This is our preferred CA cert bundle/path since install time */
576 #if defined(CURL_CA_BUNDLE)
577 result = setstropt(&set->str[STRING_SSL_CAFILE_ORIG], CURL_CA_BUNDLE);
581 result = setstropt(&set->str[STRING_SSL_CAFILE_PROXY], CURL_CA_BUNDLE);
585 #if defined(CURL_CA_PATH)
586 result = setstropt(&set->str[STRING_SSL_CAPATH_ORIG], CURL_CA_PATH);
590 result = setstropt(&set->str[STRING_SSL_CAPATH_PROXY], CURL_CA_PATH);
595 set->wildcardmatch = FALSE;
596 set->chunk_bgn = ZERO_NULL;
597 set->chunk_end = ZERO_NULL;
599 /* tcp keepalives are disabled by default, but provide reasonable values for
600 * the interval and idle times.
602 set->tcp_keepalive = FALSE;
603 set->tcp_keepintvl = 60;
604 set->tcp_keepidle = 60;
605 set->tcp_fastopen = FALSE;
606 set->tcp_nodelay = TRUE;
608 set->ssl_enable_npn = TRUE;
609 set->ssl_enable_alpn = TRUE;
611 set->expect_100_timeout = 1000L; /* Wait for a second by default. */
612 set->sep_headers = TRUE; /* separated header lists by default */
614 Curl_http2_init_userset(set);
621 * @param curl is a pointer to a sessionhandle pointer that gets set by this
626 CURLcode Curl_open(struct Curl_easy **curl)
629 struct Curl_easy *data;
631 /* Very simple start-up: alloc the struct, init it with zeroes and return */
632 data = calloc(1, sizeof(struct Curl_easy));
634 /* this is a very serious error */
635 DEBUGF(fprintf(stderr, "Error: calloc of Curl_easy failed\n"));
636 return CURLE_OUT_OF_MEMORY;
639 data->magic = CURLEASY_MAGIC_NUMBER;
641 result = Curl_resolver_init(&data->state.resolver);
643 DEBUGF(fprintf(stderr, "Error: resolver_init failed\n"));
648 /* We do some initial setup here, all those fields that can't be just 0 */
650 data->state.buffer = malloc(BUFSIZE + 1);
651 if(!data->state.buffer) {
652 DEBUGF(fprintf(stderr, "Error: malloc of buffer failed\n"));
653 result = CURLE_OUT_OF_MEMORY;
656 data->state.headerbuff = malloc(HEADERSIZE);
657 if(!data->state.headerbuff) {
658 DEBUGF(fprintf(stderr, "Error: malloc of headerbuff failed\n"));
659 result = CURLE_OUT_OF_MEMORY;
662 result = Curl_init_userdefined(&data->set);
664 data->state.headersize=HEADERSIZE;
666 Curl_convert_init(data);
670 /* most recent connection is not yet defined */
671 data->state.lastconnect = NULL;
673 data->progress.flags |= PGRS_HIDE;
674 data->state.current_speed = -1; /* init to negative == impossible */
676 data->wildcard.state = CURLWC_INIT;
677 data->wildcard.filelist = NULL;
678 data->set.fnmatch = ZERO_NULL;
679 data->set.maxconnects = DEFAULT_CONNCACHE_SIZE; /* for easy handles */
681 Curl_http2_init_state(&data->state);
685 Curl_resolver_cleanup(data->state.resolver);
686 free(data->state.buffer);
687 free(data->state.headerbuff);
698 CURLcode Curl_setopt(struct Curl_easy *data, CURLoption option,
702 CURLcode result = CURLE_OK;
704 #ifndef CURL_DISABLE_HTTP
709 case CURLOPT_DNS_CACHE_TIMEOUT:
710 data->set.dns_cache_timeout = va_arg(param, long);
712 case CURLOPT_DNS_USE_GLOBAL_CACHE:
713 /* remember we want this enabled */
714 arg = va_arg(param, long);
715 data->set.global_dns_cache = (0 != arg) ? TRUE : FALSE;
717 case CURLOPT_SSL_CIPHER_LIST:
718 /* set a list of cipher we want to use in the SSL connection */
719 result = setstropt(&data->set.str[STRING_SSL_CIPHER_LIST_ORIG],
720 va_arg(param, char *));
722 case CURLOPT_PROXY_SSL_CIPHER_LIST:
723 /* set a list of cipher we want to use in the SSL connection for proxy */
724 result = setstropt(&data->set.str[STRING_SSL_CIPHER_LIST_PROXY],
725 va_arg(param, char *));
728 case CURLOPT_RANDOM_FILE:
730 * This is the path name to a file that contains random data to seed
731 * the random SSL stuff with. The file is only used for reading.
733 result = setstropt(&data->set.str[STRING_SSL_RANDOM_FILE],
734 va_arg(param, char *));
736 case CURLOPT_EGDSOCKET:
738 * The Entropy Gathering Daemon socket pathname
740 result = setstropt(&data->set.str[STRING_SSL_EGDSOCKET],
741 va_arg(param, char *));
743 case CURLOPT_MAXCONNECTS:
745 * Set the absolute number of maximum simultaneous alive connection that
746 * libcurl is allowed to have.
748 data->set.maxconnects = va_arg(param, long);
750 case CURLOPT_FORBID_REUSE:
752 * When this transfer is done, it must not be left to be reused by a
753 * subsequent transfer but shall be closed immediately.
755 data->set.reuse_forbid = (0 != va_arg(param, long)) ? TRUE : FALSE;
757 case CURLOPT_FRESH_CONNECT:
759 * This transfer shall not use a previously cached connection but
760 * should be made with a fresh new connect!
762 data->set.reuse_fresh = (0 != va_arg(param, long)) ? TRUE : FALSE;
764 case CURLOPT_VERBOSE:
766 * Verbose means infof() calls that give a lot of information about
767 * the connection and transfer procedures as well as internal choices.
769 data->set.verbose = (0 != va_arg(param, long)) ? TRUE : FALSE;
773 * Set to include the header in the general data output stream.
775 data->set.include_header = (0 != va_arg(param, long)) ? TRUE : FALSE;
777 case CURLOPT_NOPROGRESS:
779 * Shut off the internal supported progress meter
781 data->set.hide_progress = (0 != va_arg(param, long)) ? TRUE : FALSE;
782 if(data->set.hide_progress)
783 data->progress.flags |= PGRS_HIDE;
785 data->progress.flags &= ~PGRS_HIDE;
789 * Do not include the body part in the output data stream.
791 data->set.opt_no_body = (0 != va_arg(param, long)) ? TRUE : FALSE;
793 case CURLOPT_FAILONERROR:
795 * Don't output the >=400 error code HTML-page, but instead only
798 data->set.http_fail_on_error = (0 != va_arg(param, long)) ? TRUE : FALSE;
800 case CURLOPT_KEEP_SENDING_ON_ERROR:
801 data->set.http_keep_sending_on_error = (0 != va_arg(param, long)) ?
807 * We want to sent data to the remote host. If this is HTTP, that equals
808 * using the PUT request.
810 data->set.upload = (0 != va_arg(param, long)) ? TRUE : FALSE;
811 if(data->set.upload) {
812 /* If this is HTTP, PUT is what's needed to "upload" */
813 data->set.httpreq = HTTPREQ_PUT;
814 data->set.opt_no_body = FALSE; /* this is implied */
817 /* In HTTP, the opposite of upload is GET (unless NOBODY is true as
818 then this can be changed to HEAD later on) */
819 data->set.httpreq = HTTPREQ_GET;
821 case CURLOPT_FILETIME:
823 * Try to get the file time of the remote document. The time will
824 * later (possibly) become available using curl_easy_getinfo().
826 data->set.get_filetime = (0 != va_arg(param, long)) ? TRUE : FALSE;
828 case CURLOPT_FTP_CREATE_MISSING_DIRS:
830 * An FTP option that modifies an upload to create missing directories on
833 switch(va_arg(param, long)) {
835 data->set.ftp_create_missing_dirs = 0;
838 data->set.ftp_create_missing_dirs = 1;
841 data->set.ftp_create_missing_dirs = 2;
844 /* reserve other values for future use */
845 result = CURLE_UNKNOWN_OPTION;
849 case CURLOPT_SERVER_RESPONSE_TIMEOUT:
851 * Option that specifies how quickly an server response must be obtained
852 * before it is considered failure. For pingpong protocols.
854 data->set.server_response_timeout = va_arg(param, long) * 1000;
856 case CURLOPT_TFTP_NO_OPTIONS:
858 * Option that prevents libcurl from sending TFTP option requests to the
861 data->set.tftp_no_options = va_arg(param, long) != 0;
863 case CURLOPT_TFTP_BLKSIZE:
865 * TFTP option that specifies the block size to use for data transmission.
867 data->set.tftp_blksize = va_arg(param, long);
869 case CURLOPT_DIRLISTONLY:
871 * An option that changes the command to one that asks for a list
872 * only, no file info details.
874 data->set.ftp_list_only = (0 != va_arg(param, long)) ? TRUE : FALSE;
878 * We want to upload and append to an existing file.
880 data->set.ftp_append = (0 != va_arg(param, long)) ? TRUE : FALSE;
882 case CURLOPT_FTP_FILEMETHOD:
884 * How do access files over FTP.
886 data->set.ftp_filemethod = (curl_ftpfile)va_arg(param, long);
890 * Parse the $HOME/.netrc file
892 data->set.use_netrc = (enum CURL_NETRC_OPTION)va_arg(param, long);
894 case CURLOPT_NETRC_FILE:
896 * Use this file instead of the $HOME/.netrc file
898 result = setstropt(&data->set.str[STRING_NETRC_FILE],
899 va_arg(param, char *));
901 case CURLOPT_TRANSFERTEXT:
903 * This option was previously named 'FTPASCII'. Renamed to work with
904 * more protocols than merely FTP.
906 * Transfer using ASCII (instead of BINARY).
908 data->set.prefer_ascii = (0 != va_arg(param, long)) ? TRUE : FALSE;
910 case CURLOPT_TIMECONDITION:
912 * Set HTTP time condition. This must be one of the defines in the
913 * curl/curl.h header file.
915 data->set.timecondition = (curl_TimeCond)va_arg(param, long);
917 case CURLOPT_TIMEVALUE:
919 * This is the value to compare with the remote document with the
920 * method set with CURLOPT_TIMECONDITION
922 data->set.timevalue = (time_t)va_arg(param, long);
924 case CURLOPT_SSLVERSION:
926 * Set explicit SSL version to try to connect with, as some SSL
927 * implementations are lame.
930 data->set.ssl.primary.version = va_arg(param, long);
932 result = CURLE_UNKNOWN_OPTION;
935 case CURLOPT_PROXY_SSLVERSION:
937 * Set explicit SSL version to try to connect with for proxy, as some SSL
938 * implementations are lame.
941 data->set.proxy_ssl.primary.version = va_arg(param, long);
943 result = CURLE_UNKNOWN_OPTION;
947 #ifndef CURL_DISABLE_HTTP
948 case CURLOPT_AUTOREFERER:
950 * Switch on automatic referer that gets set if curl follows locations.
952 data->set.http_auto_referer = (0 != va_arg(param, long)) ? TRUE : FALSE;
955 case CURLOPT_ACCEPT_ENCODING:
957 * String to use at the value of Accept-Encoding header.
959 * If the encoding is set to "" we use an Accept-Encoding header that
960 * encompasses all the encodings we support.
961 * If the encoding is set to NULL we don't send an Accept-Encoding header
962 * and ignore an received Content-Encoding header.
965 argptr = va_arg(param, char *);
966 result = setstropt(&data->set.str[STRING_ENCODING],
967 (argptr && !*argptr)?
968 ALL_CONTENT_ENCODINGS: argptr);
971 case CURLOPT_TRANSFER_ENCODING:
972 data->set.http_transfer_encoding = (0 != va_arg(param, long)) ?
976 case CURLOPT_FOLLOWLOCATION:
978 * Follow Location: header hints on a HTTP-server.
980 data->set.http_follow_location = (0 != va_arg(param, long)) ? TRUE : FALSE;
983 case CURLOPT_UNRESTRICTED_AUTH:
985 * Send authentication (user+password) when following locations, even when
988 data->set.http_disable_hostname_check_before_authentication =
989 (0 != va_arg(param, long)) ? TRUE : FALSE;
992 case CURLOPT_MAXREDIRS:
994 * The maximum amount of hops you allow curl to follow Location:
995 * headers. This should mostly be used to detect never-ending loops.
997 data->set.maxredirs = va_arg(param, long);
1000 case CURLOPT_POSTREDIR:
1003 * Set the behaviour of POST when redirecting
1004 * CURL_REDIR_GET_ALL - POST is changed to GET after 301 and 302
1005 * CURL_REDIR_POST_301 - POST is kept as POST after 301
1006 * CURL_REDIR_POST_302 - POST is kept as POST after 302
1007 * CURL_REDIR_POST_303 - POST is kept as POST after 303
1008 * CURL_REDIR_POST_ALL - POST is kept as POST after 301, 302 and 303
1009 * other - POST is kept as POST after 301 and 302
1011 int postRedir = curlx_sltosi(va_arg(param, long));
1012 data->set.keep_post = postRedir & CURL_REDIR_POST_ALL;
1017 /* Does this option serve a purpose anymore? Yes it does, when
1018 CURLOPT_POSTFIELDS isn't used and the POST data is read off the
1020 if(va_arg(param, long)) {
1021 data->set.httpreq = HTTPREQ_POST;
1022 data->set.opt_no_body = FALSE; /* this is implied */
1025 data->set.httpreq = HTTPREQ_GET;
1028 case CURLOPT_COPYPOSTFIELDS:
1030 * A string with POST data. Makes curl HTTP POST. Even if it is NULL.
1031 * If needed, CURLOPT_POSTFIELDSIZE must have been set prior to
1032 * CURLOPT_COPYPOSTFIELDS and not altered later.
1034 argptr = va_arg(param, char *);
1036 if(!argptr || data->set.postfieldsize == -1)
1037 result = setstropt(&data->set.str[STRING_COPYPOSTFIELDS], argptr);
1040 * Check that requested length does not overflow the size_t type.
1043 if((data->set.postfieldsize < 0) ||
1044 ((sizeof(curl_off_t) != sizeof(size_t)) &&
1045 (data->set.postfieldsize > (curl_off_t)((size_t)-1))))
1046 result = CURLE_OUT_OF_MEMORY;
1050 (void) setstropt(&data->set.str[STRING_COPYPOSTFIELDS], NULL);
1052 /* Allocate even when size == 0. This satisfies the need of possible
1053 later address compare to detect the COPYPOSTFIELDS mode, and
1054 to mark that postfields is used rather than read function or
1057 p = malloc((size_t)(data->set.postfieldsize?
1058 data->set.postfieldsize:1));
1061 result = CURLE_OUT_OF_MEMORY;
1063 if(data->set.postfieldsize)
1064 memcpy(p, argptr, (size_t)data->set.postfieldsize);
1066 data->set.str[STRING_COPYPOSTFIELDS] = p;
1071 data->set.postfields = data->set.str[STRING_COPYPOSTFIELDS];
1072 data->set.httpreq = HTTPREQ_POST;
1075 case CURLOPT_POSTFIELDS:
1077 * Like above, but use static data instead of copying it.
1079 data->set.postfields = va_arg(param, void *);
1080 /* Release old copied data. */
1081 (void) setstropt(&data->set.str[STRING_COPYPOSTFIELDS], NULL);
1082 data->set.httpreq = HTTPREQ_POST;
1085 case CURLOPT_POSTFIELDSIZE:
1087 * The size of the POSTFIELD data to prevent libcurl to do strlen() to
1088 * figure it out. Enables binary posts.
1090 bigsize = va_arg(param, long);
1092 if(data->set.postfieldsize < bigsize &&
1093 data->set.postfields == data->set.str[STRING_COPYPOSTFIELDS]) {
1094 /* Previous CURLOPT_COPYPOSTFIELDS is no longer valid. */
1095 (void) setstropt(&data->set.str[STRING_COPYPOSTFIELDS], NULL);
1096 data->set.postfields = NULL;
1099 data->set.postfieldsize = bigsize;
1102 case CURLOPT_POSTFIELDSIZE_LARGE:
1104 * The size of the POSTFIELD data to prevent libcurl to do strlen() to
1105 * figure it out. Enables binary posts.
1107 bigsize = va_arg(param, curl_off_t);
1109 if(data->set.postfieldsize < bigsize &&
1110 data->set.postfields == data->set.str[STRING_COPYPOSTFIELDS]) {
1111 /* Previous CURLOPT_COPYPOSTFIELDS is no longer valid. */
1112 (void) setstropt(&data->set.str[STRING_COPYPOSTFIELDS], NULL);
1113 data->set.postfields = NULL;
1116 data->set.postfieldsize = bigsize;
1119 case CURLOPT_HTTPPOST:
1121 * Set to make us do HTTP POST
1123 data->set.httppost = va_arg(param, struct curl_httppost *);
1124 data->set.httpreq = HTTPREQ_POST_FORM;
1125 data->set.opt_no_body = FALSE; /* this is implied */
1128 case CURLOPT_REFERER:
1130 * String to set in the HTTP Referer: field.
1132 if(data->change.referer_alloc) {
1133 Curl_safefree(data->change.referer);
1134 data->change.referer_alloc = FALSE;
1136 result = setstropt(&data->set.str[STRING_SET_REFERER],
1137 va_arg(param, char *));
1138 data->change.referer = data->set.str[STRING_SET_REFERER];
1141 case CURLOPT_USERAGENT:
1143 * String to use in the HTTP User-Agent field
1145 result = setstropt(&data->set.str[STRING_USERAGENT],
1146 va_arg(param, char *));
1149 case CURLOPT_HTTPHEADER:
1151 * Set a list with HTTP headers to use (or replace internals with)
1153 data->set.headers = va_arg(param, struct curl_slist *);
1156 case CURLOPT_PROXYHEADER:
1158 * Set a list with proxy headers to use (or replace internals with)
1160 * Since CURLOPT_HTTPHEADER was the only way to set HTTP headers for a
1161 * long time we remain doing it this way until CURLOPT_PROXYHEADER is
1162 * used. As soon as this option has been used, if set to anything but
1163 * NULL, custom headers for proxies are only picked from this list.
1165 * Set this option to NULL to restore the previous behavior.
1167 data->set.proxyheaders = va_arg(param, struct curl_slist *);
1170 case CURLOPT_HEADEROPT:
1172 * Set header option.
1174 arg = va_arg(param, long);
1175 data->set.sep_headers = (arg & CURLHEADER_SEPARATE)? TRUE: FALSE;
1178 case CURLOPT_HTTP200ALIASES:
1180 * Set a list of aliases for HTTP 200 in response header
1182 data->set.http200aliases = va_arg(param, struct curl_slist *);
1185 #if !defined(CURL_DISABLE_COOKIES)
1186 case CURLOPT_COOKIE:
1188 * Cookie string to send to the remote server in the request.
1190 result = setstropt(&data->set.str[STRING_COOKIE],
1191 va_arg(param, char *));
1194 case CURLOPT_COOKIEFILE:
1196 * Set cookie file to read and parse. Can be used multiple times.
1198 argptr = (char *)va_arg(param, void *);
1200 struct curl_slist *cl;
1201 /* append the cookie file name to the list of file names, and deal with
1203 cl = curl_slist_append(data->change.cookielist, argptr);
1205 curl_slist_free_all(data->change.cookielist);
1206 data->change.cookielist = NULL;
1207 return CURLE_OUT_OF_MEMORY;
1209 data->change.cookielist = cl; /* store the list for later use */
1213 case CURLOPT_COOKIEJAR:
1215 * Set cookie file name to dump all cookies to when we're done.
1218 struct CookieInfo *newcookies;
1219 result = setstropt(&data->set.str[STRING_COOKIEJAR],
1220 va_arg(param, char *));
1223 * Activate the cookie parser. This may or may not already
1226 newcookies = Curl_cookie_init(data, NULL, data->cookies,
1227 data->set.cookiesession);
1229 result = CURLE_OUT_OF_MEMORY;
1230 data->cookies = newcookies;
1234 case CURLOPT_COOKIESESSION:
1236 * Set this option to TRUE to start a new "cookie session". It will
1237 * prevent the forthcoming read-cookies-from-file actions to accept
1238 * cookies that are marked as being session cookies, as they belong to a
1241 * In the original Netscape cookie spec, "session cookies" are cookies
1242 * with no expire date set. RFC2109 describes the same action if no
1243 * 'Max-Age' is set and RFC2965 includes the RFC2109 description and adds
1244 * a 'Discard' action that can enforce the discard even for cookies that
1247 * We run mostly with the original cookie spec, as hardly anyone implements
1250 data->set.cookiesession = (0 != va_arg(param, long)) ? TRUE : FALSE;
1253 case CURLOPT_COOKIELIST:
1254 argptr = va_arg(param, char *);
1259 if(strcasecompare(argptr, "ALL")) {
1260 /* clear all cookies */
1261 Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
1262 Curl_cookie_clearall(data->cookies);
1263 Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
1265 else if(strcasecompare(argptr, "SESS")) {
1266 /* clear session cookies */
1267 Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
1268 Curl_cookie_clearsess(data->cookies);
1269 Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
1271 else if(strcasecompare(argptr, "FLUSH")) {
1272 /* flush cookies to file, takes care of the locking */
1273 Curl_flush_cookies(data, 0);
1275 else if(strcasecompare(argptr, "RELOAD")) {
1276 /* reload cookies from file */
1277 Curl_cookie_loadfiles(data);
1282 /* if cookie engine was not running, activate it */
1283 data->cookies = Curl_cookie_init(data, NULL, NULL, TRUE);
1285 argptr = strdup(argptr);
1286 if(!argptr || !data->cookies) {
1287 result = CURLE_OUT_OF_MEMORY;
1291 Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
1293 if(checkprefix("Set-Cookie:", argptr))
1294 /* HTTP Header format line */
1295 Curl_cookie_add(data, data->cookies, TRUE, argptr + 11, NULL, NULL);
1298 /* Netscape format line */
1299 Curl_cookie_add(data, data->cookies, FALSE, argptr, NULL, NULL);
1301 Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
1307 #endif /* CURL_DISABLE_COOKIES */
1309 case CURLOPT_HTTPGET:
1311 * Set to force us do HTTP GET
1313 if(va_arg(param, long)) {
1314 data->set.httpreq = HTTPREQ_GET;
1315 data->set.upload = FALSE; /* switch off upload */
1316 data->set.opt_no_body = FALSE; /* this is implied */
1320 case CURLOPT_HTTP_VERSION:
1322 * This sets a requested HTTP version to be used. The value is one of
1323 * the listed enums in curl/curl.h.
1325 arg = va_arg(param, long);
1327 if(arg >= CURL_HTTP_VERSION_2)
1328 return CURLE_UNSUPPORTED_PROTOCOL;
1330 data->set.httpversion = arg;
1333 case CURLOPT_HTTPAUTH:
1335 * Set HTTP Authentication type BITMASK.
1340 unsigned long auth = va_arg(param, unsigned long);
1342 if(auth == CURLAUTH_NONE) {
1343 data->set.httpauth = auth;
1347 /* the DIGEST_IE bit is only used to set a special marker, for all the
1348 rest we need to handle it as normal DIGEST */
1349 data->state.authhost.iestyle = (auth & CURLAUTH_DIGEST_IE) ? TRUE : FALSE;
1351 if(auth & CURLAUTH_DIGEST_IE) {
1352 auth |= CURLAUTH_DIGEST; /* set standard digest bit */
1353 auth &= ~CURLAUTH_DIGEST_IE; /* unset ie digest bit */
1356 /* switch off bits we can't support */
1358 auth &= ~CURLAUTH_NTLM; /* no NTLM support */
1359 auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */
1360 #elif !defined(NTLM_WB_ENABLED)
1361 auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */
1364 auth &= ~CURLAUTH_NEGOTIATE; /* no Negotiate (SPNEGO) auth without
1368 /* check if any auth bit lower than CURLAUTH_ONLY is still set */
1371 while(bitcheck < 31) {
1372 if(auth & (1UL << bitcheck++)) {
1378 return CURLE_NOT_BUILT_IN; /* no supported types left! */
1380 data->set.httpauth = auth;
1384 case CURLOPT_EXPECT_100_TIMEOUT_MS:
1386 * Time to wait for a response to a HTTP request containing an
1387 * Expect: 100-continue header before sending the data anyway.
1389 data->set.expect_100_timeout = va_arg(param, long);
1392 #endif /* CURL_DISABLE_HTTP */
1394 case CURLOPT_CUSTOMREQUEST:
1396 * Set a custom string to use as request
1398 result = setstropt(&data->set.str[STRING_CUSTOMREQUEST],
1399 va_arg(param, char *));
1402 data->set.httpreq = HTTPREQ_CUSTOM;
1403 here, we continue as if we were using the already set type
1404 and this just changes the actual request keyword */
1407 #ifndef CURL_DISABLE_PROXY
1408 case CURLOPT_HTTPPROXYTUNNEL:
1410 * Tunnel operations through the proxy instead of normal proxy use
1412 data->set.tunnel_thru_httpproxy = (0 != va_arg(param, long)) ?
1416 case CURLOPT_PROXYPORT:
1418 * Explicitly set HTTP proxy port number.
1420 data->set.proxyport = va_arg(param, long);
1423 case CURLOPT_PROXYAUTH:
1425 * Set HTTP Authentication type BITMASK.
1430 unsigned long auth = va_arg(param, unsigned long);
1432 if(auth == CURLAUTH_NONE) {
1433 data->set.proxyauth = auth;
1437 /* the DIGEST_IE bit is only used to set a special marker, for all the
1438 rest we need to handle it as normal DIGEST */
1439 data->state.authproxy.iestyle = (auth & CURLAUTH_DIGEST_IE) ? TRUE : FALSE;
1441 if(auth & CURLAUTH_DIGEST_IE) {
1442 auth |= CURLAUTH_DIGEST; /* set standard digest bit */
1443 auth &= ~CURLAUTH_DIGEST_IE; /* unset ie digest bit */
1445 /* switch off bits we can't support */
1447 auth &= ~CURLAUTH_NTLM; /* no NTLM support */
1448 auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */
1449 #elif !defined(NTLM_WB_ENABLED)
1450 auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */
1453 auth &= ~CURLAUTH_NEGOTIATE; /* no Negotiate (SPNEGO) auth without
1457 /* check if any auth bit lower than CURLAUTH_ONLY is still set */
1460 while(bitcheck < 31) {
1461 if(auth & (1UL << bitcheck++)) {
1467 return CURLE_NOT_BUILT_IN; /* no supported types left! */
1469 data->set.proxyauth = auth;
1475 * Set proxy server:port to use as proxy.
1477 * If the proxy is set to "" (and CURLOPT_SOCKS_PROXY is set to "" or NULL)
1478 * we explicitly say that we don't want to use a proxy
1479 * (even though there might be environment variables saying so).
1481 * Setting it to NULL, means no proxy but allows the environment variables
1482 * to decide for us (if CURLOPT_SOCKS_PROXY setting it to NULL).
1484 result = setstropt(&data->set.str[STRING_PROXY],
1485 va_arg(param, char *));
1488 case CURLOPT_PRE_PROXY:
1490 * Set proxy server:port to use as SOCKS proxy.
1492 * If the proxy is set to "" or NULL we explicitly say that we don't want
1493 * to use the socks proxy.
1495 result = setstropt(&data->set.str[STRING_PRE_PROXY],
1496 va_arg(param, char *));
1499 case CURLOPT_PROXYTYPE:
1501 * Set proxy type. HTTP/HTTP_1_0/SOCKS4/SOCKS4a/SOCKS5/SOCKS5_HOSTNAME
1503 data->set.proxytype = (curl_proxytype)va_arg(param, long);
1506 case CURLOPT_PROXY_TRANSFER_MODE:
1508 * set transfer mode (;type=<a|i>) when doing FTP via an HTTP proxy
1510 switch(va_arg(param, long)) {
1512 data->set.proxy_transfer_mode = FALSE;
1515 data->set.proxy_transfer_mode = TRUE;
1518 /* reserve other values for future use */
1519 result = CURLE_UNKNOWN_OPTION;
1523 #endif /* CURL_DISABLE_PROXY */
1525 #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
1526 case CURLOPT_SOCKS5_GSSAPI_NEC:
1528 * Set flag for NEC SOCK5 support
1530 data->set.socks5_gssapi_nec = (0 != va_arg(param, long)) ? TRUE : FALSE;
1533 case CURLOPT_SOCKS5_GSSAPI_SERVICE:
1534 case CURLOPT_PROXY_SERVICE_NAME:
1536 * Set proxy authentication service name for Kerberos 5 and SPNEGO
1538 result = setstropt(&data->set.str[STRING_PROXY_SERVICE_NAME],
1539 va_arg(param, char *));
1543 #if !defined(CURL_DISABLE_CRYPTO_AUTH) || defined(USE_KERBEROS5) || \
1545 case CURLOPT_SERVICE_NAME:
1547 * Set authentication service name for DIGEST-MD5, Kerberos 5 and SPNEGO
1549 result = setstropt(&data->set.str[STRING_SERVICE_NAME],
1550 va_arg(param, char *));
1555 case CURLOPT_HEADERDATA:
1557 * Custom pointer to pass the header write callback function
1559 data->set.writeheader = (void *)va_arg(param, void *);
1561 case CURLOPT_ERRORBUFFER:
1563 * Error buffer provided by the caller to get the human readable
1566 data->set.errorbuffer = va_arg(param, char *);
1568 case CURLOPT_WRITEDATA:
1570 * FILE pointer to write to. Or possibly
1571 * used as argument to the write callback.
1573 data->set.out = va_arg(param, void *);
1575 case CURLOPT_FTPPORT:
1577 * Use FTP PORT, this also specifies which IP address to use
1579 result = setstropt(&data->set.str[STRING_FTPPORT],
1580 va_arg(param, char *));
1581 data->set.ftp_use_port = (data->set.str[STRING_FTPPORT]) ? TRUE : FALSE;
1584 case CURLOPT_FTP_USE_EPRT:
1585 data->set.ftp_use_eprt = (0 != va_arg(param, long)) ? TRUE : FALSE;
1588 case CURLOPT_FTP_USE_EPSV:
1589 data->set.ftp_use_epsv = (0 != va_arg(param, long)) ? TRUE : FALSE;
1592 case CURLOPT_FTP_USE_PRET:
1593 data->set.ftp_use_pret = (0 != va_arg(param, long)) ? TRUE : FALSE;
1596 case CURLOPT_FTP_SSL_CCC:
1597 data->set.ftp_ccc = (curl_ftpccc)va_arg(param, long);
1600 case CURLOPT_FTP_SKIP_PASV_IP:
1602 * Enable or disable FTP_SKIP_PASV_IP, which will disable/enable the
1603 * bypass of the IP address in PASV responses.
1605 data->set.ftp_skip_ip = (0 != va_arg(param, long)) ? TRUE : FALSE;
1608 case CURLOPT_READDATA:
1610 * FILE pointer to read the file to be uploaded from. Or possibly
1611 * used as argument to the read callback.
1613 data->set.in_set = va_arg(param, void *);
1615 case CURLOPT_INFILESIZE:
1617 * If known, this should inform curl about the file size of the
1618 * to-be-uploaded file.
1620 data->set.filesize = va_arg(param, long);
1622 case CURLOPT_INFILESIZE_LARGE:
1624 * If known, this should inform curl about the file size of the
1625 * to-be-uploaded file.
1627 data->set.filesize = va_arg(param, curl_off_t);
1629 case CURLOPT_LOW_SPEED_LIMIT:
1631 * The low speed limit that if transfers are below this for
1632 * CURLOPT_LOW_SPEED_TIME, the transfer is aborted.
1634 data->set.low_speed_limit=va_arg(param, long);
1636 case CURLOPT_MAX_SEND_SPEED_LARGE:
1638 * When transfer uploads are faster then CURLOPT_MAX_SEND_SPEED_LARGE
1639 * bytes per second the transfer is throttled..
1641 data->set.max_send_speed=va_arg(param, curl_off_t);
1643 case CURLOPT_MAX_RECV_SPEED_LARGE:
1645 * When receiving data faster than CURLOPT_MAX_RECV_SPEED_LARGE bytes per
1646 * second the transfer is throttled..
1648 data->set.max_recv_speed=va_arg(param, curl_off_t);
1650 case CURLOPT_LOW_SPEED_TIME:
1652 * The low speed time that if transfers are below the set
1653 * CURLOPT_LOW_SPEED_LIMIT during this time, the transfer is aborted.
1655 data->set.low_speed_time=va_arg(param, long);
1661 if(data->change.url_alloc) {
1662 /* the already set URL is allocated, free it first! */
1663 Curl_safefree(data->change.url);
1664 data->change.url_alloc = FALSE;
1666 result = setstropt(&data->set.str[STRING_SET_URL],
1667 va_arg(param, char *));
1668 data->change.url = data->set.str[STRING_SET_URL];
1672 * The port number to use when getting the URL
1674 data->set.use_port = va_arg(param, long);
1676 case CURLOPT_TIMEOUT:
1678 * The maximum time you allow curl to use for a single transfer
1681 data->set.timeout = va_arg(param, long) * 1000L;
1684 case CURLOPT_TIMEOUT_MS:
1685 data->set.timeout = va_arg(param, long);
1688 case CURLOPT_CONNECTTIMEOUT:
1690 * The maximum time you allow curl to use to connect.
1692 data->set.connecttimeout = va_arg(param, long) * 1000L;
1695 case CURLOPT_CONNECTTIMEOUT_MS:
1696 data->set.connecttimeout = va_arg(param, long);
1699 case CURLOPT_ACCEPTTIMEOUT_MS:
1701 * The maximum time you allow curl to wait for server connect
1703 data->set.accepttimeout = va_arg(param, long);
1706 case CURLOPT_USERPWD:
1708 * user:password to use in the operation
1710 result = setstropt_userpwd(va_arg(param, char *),
1711 &data->set.str[STRING_USERNAME],
1712 &data->set.str[STRING_PASSWORD]);
1715 case CURLOPT_USERNAME:
1717 * authentication user name to use in the operation
1719 result = setstropt(&data->set.str[STRING_USERNAME],
1720 va_arg(param, char *));
1723 case CURLOPT_PASSWORD:
1725 * authentication password to use in the operation
1727 result = setstropt(&data->set.str[STRING_PASSWORD],
1728 va_arg(param, char *));
1731 case CURLOPT_LOGIN_OPTIONS:
1733 * authentication options to use in the operation
1735 result = setstropt(&data->set.str[STRING_OPTIONS],
1736 va_arg(param, char *));
1739 case CURLOPT_XOAUTH2_BEARER:
1741 * OAuth 2.0 bearer token to use in the operation
1743 result = setstropt(&data->set.str[STRING_BEARER],
1744 va_arg(param, char *));
1747 case CURLOPT_POSTQUOTE:
1749 * List of RAW FTP commands to use after a transfer
1751 data->set.postquote = va_arg(param, struct curl_slist *);
1753 case CURLOPT_PREQUOTE:
1755 * List of RAW FTP commands to use prior to RETR (Wesley Laxton)
1757 data->set.prequote = va_arg(param, struct curl_slist *);
1761 * List of RAW FTP commands to use before a transfer
1763 data->set.quote = va_arg(param, struct curl_slist *);
1765 case CURLOPT_RESOLVE:
1767 * List of NAME:[address] names to populate the DNS cache with
1768 * Prefix the NAME with dash (-) to _remove_ the name from the cache.
1770 * Names added with this API will remain in the cache until explicitly
1771 * removed or the handle is cleaned up.
1773 * This API can remove any name from the DNS cache, but only entries
1774 * that aren't actually in use right now will be pruned immediately.
1776 data->set.resolve = va_arg(param, struct curl_slist *);
1777 data->change.resolve = data->set.resolve;
1779 case CURLOPT_PROGRESSFUNCTION:
1781 * Progress callback function
1783 data->set.fprogress = va_arg(param, curl_progress_callback);
1784 if(data->set.fprogress)
1785 data->progress.callback = TRUE; /* no longer internal */
1787 data->progress.callback = FALSE; /* NULL enforces internal */
1790 case CURLOPT_XFERINFOFUNCTION:
1792 * Transfer info callback function
1794 data->set.fxferinfo = va_arg(param, curl_xferinfo_callback);
1795 if(data->set.fxferinfo)
1796 data->progress.callback = TRUE; /* no longer internal */
1798 data->progress.callback = FALSE; /* NULL enforces internal */
1802 case CURLOPT_PROGRESSDATA:
1804 * Custom client data to pass to the progress callback
1806 data->set.progress_client = va_arg(param, void *);
1809 #ifndef CURL_DISABLE_PROXY
1810 case CURLOPT_PROXYUSERPWD:
1812 * user:password needed to use the proxy
1814 result = setstropt_userpwd(va_arg(param, char *),
1815 &data->set.str[STRING_PROXYUSERNAME],
1816 &data->set.str[STRING_PROXYPASSWORD]);
1818 case CURLOPT_PROXYUSERNAME:
1820 * authentication user name to use in the operation
1822 result = setstropt(&data->set.str[STRING_PROXYUSERNAME],
1823 va_arg(param, char *));
1825 case CURLOPT_PROXYPASSWORD:
1827 * authentication password to use in the operation
1829 result = setstropt(&data->set.str[STRING_PROXYPASSWORD],
1830 va_arg(param, char *));
1832 case CURLOPT_NOPROXY:
1834 * proxy exception list
1836 result = setstropt(&data->set.str[STRING_NOPROXY],
1837 va_arg(param, char *));
1843 * What range of the file you want to transfer
1845 result = setstropt(&data->set.str[STRING_SET_RANGE],
1846 va_arg(param, char *));
1848 case CURLOPT_RESUME_FROM:
1850 * Resume transfer at the give file position
1852 data->set.set_resume_from = va_arg(param, long);
1854 case CURLOPT_RESUME_FROM_LARGE:
1856 * Resume transfer at the give file position
1858 data->set.set_resume_from = va_arg(param, curl_off_t);
1860 case CURLOPT_DEBUGFUNCTION:
1862 * stderr write callback.
1864 data->set.fdebug = va_arg(param, curl_debug_callback);
1866 * if the callback provided is NULL, it'll use the default callback
1869 case CURLOPT_DEBUGDATA:
1871 * Set to a void * that should receive all error writes. This
1872 * defaults to CURLOPT_STDERR for normal operations.
1874 data->set.debugdata = va_arg(param, void *);
1876 case CURLOPT_STDERR:
1878 * Set to a FILE * that should receive all error writes. This
1879 * defaults to stderr for normal operations.
1881 data->set.err = va_arg(param, FILE *);
1883 data->set.err = stderr;
1885 case CURLOPT_HEADERFUNCTION:
1887 * Set header write callback
1889 data->set.fwrite_header = va_arg(param, curl_write_callback);
1891 case CURLOPT_WRITEFUNCTION:
1893 * Set data write callback
1895 data->set.fwrite_func = va_arg(param, curl_write_callback);
1896 if(!data->set.fwrite_func) {
1897 data->set.is_fwrite_set = 0;
1898 /* When set to NULL, reset to our internal default function */
1899 data->set.fwrite_func = (curl_write_callback)fwrite;
1902 data->set.is_fwrite_set = 1;
1904 case CURLOPT_READFUNCTION:
1906 * Read data callback
1908 data->set.fread_func_set = va_arg(param, curl_read_callback);
1909 if(!data->set.fread_func_set) {
1910 data->set.is_fread_set = 0;
1911 /* When set to NULL, reset to our internal default function */
1912 data->set.fread_func_set = (curl_read_callback)fread;
1915 data->set.is_fread_set = 1;
1917 case CURLOPT_SEEKFUNCTION:
1919 * Seek callback. Might be NULL.
1921 data->set.seek_func = va_arg(param, curl_seek_callback);
1923 case CURLOPT_SEEKDATA:
1925 * Seek control callback. Might be NULL.
1927 data->set.seek_client = va_arg(param, void *);
1929 case CURLOPT_CONV_FROM_NETWORK_FUNCTION:
1931 * "Convert from network encoding" callback
1933 data->set.convfromnetwork = va_arg(param, curl_conv_callback);
1935 case CURLOPT_CONV_TO_NETWORK_FUNCTION:
1937 * "Convert to network encoding" callback
1939 data->set.convtonetwork = va_arg(param, curl_conv_callback);
1941 case CURLOPT_CONV_FROM_UTF8_FUNCTION:
1943 * "Convert from UTF-8 encoding" callback
1945 data->set.convfromutf8 = va_arg(param, curl_conv_callback);
1947 case CURLOPT_IOCTLFUNCTION:
1949 * I/O control callback. Might be NULL.
1951 data->set.ioctl_func = va_arg(param, curl_ioctl_callback);
1953 case CURLOPT_IOCTLDATA:
1955 * I/O control data pointer. Might be NULL.
1957 data->set.ioctl_client = va_arg(param, void *);
1959 case CURLOPT_SSLCERT:
1961 * String that holds file name of the SSL certificate to use
1963 result = setstropt(&data->set.str[STRING_CERT_ORIG],
1964 va_arg(param, char *));
1966 case CURLOPT_PROXY_SSLCERT:
1968 * String that holds file name of the SSL certificate to use for proxy
1970 result = setstropt(&data->set.str[STRING_CERT_PROXY],
1971 va_arg(param, char *));
1973 case CURLOPT_SSLCERTTYPE:
1975 * String that holds file type of the SSL certificate to use
1977 result = setstropt(&data->set.str[STRING_CERT_TYPE_ORIG],
1978 va_arg(param, char *));
1980 case CURLOPT_PROXY_SSLCERTTYPE:
1982 * String that holds file type of the SSL certificate to use for proxy
1984 result = setstropt(&data->set.str[STRING_CERT_TYPE_PROXY],
1985 va_arg(param, char *));
1987 case CURLOPT_SSLKEY:
1989 * String that holds file name of the SSL key to use
1991 result = setstropt(&data->set.str[STRING_KEY_ORIG],
1992 va_arg(param, char *));
1994 case CURLOPT_PROXY_SSLKEY:
1996 * String that holds file name of the SSL key to use for proxy
1998 result = setstropt(&data->set.str[STRING_KEY_PROXY],
1999 va_arg(param, char *));
2001 case CURLOPT_SSLKEYTYPE:
2003 * String that holds file type of the SSL key to use
2005 result = setstropt(&data->set.str[STRING_KEY_TYPE_ORIG],
2006 va_arg(param, char *));
2008 case CURLOPT_PROXY_SSLKEYTYPE:
2010 * String that holds file type of the SSL key to use for proxy
2012 result = setstropt(&data->set.str[STRING_KEY_TYPE_PROXY],
2013 va_arg(param, char *));
2015 case CURLOPT_KEYPASSWD:
2017 * String that holds the SSL or SSH private key password.
2019 result = setstropt(&data->set.str[STRING_KEY_PASSWD_ORIG],
2020 va_arg(param, char *));
2022 case CURLOPT_PROXY_KEYPASSWD:
2024 * String that holds the SSL private key password for proxy.
2026 result = setstropt(&data->set.str[STRING_KEY_PASSWD_PROXY],
2027 va_arg(param, char *));
2029 case CURLOPT_SSLENGINE:
2031 * String that holds the SSL crypto engine.
2033 argptr = va_arg(param, char *);
2034 if(argptr && argptr[0])
2035 result = Curl_ssl_set_engine(data, argptr);
2038 case CURLOPT_SSLENGINE_DEFAULT:
2040 * flag to set engine as default.
2042 result = Curl_ssl_set_engine_default(data);
2046 * Kludgy option to enable CRLF conversions. Subject for removal.
2048 data->set.crlf = (0 != va_arg(param, long)) ? TRUE : FALSE;
2051 case CURLOPT_INTERFACE:
2053 * Set what interface or address/hostname to bind the socket to when
2054 * performing an operation and thus what from-IP your connection will use.
2056 result = setstropt(&data->set.str[STRING_DEVICE],
2057 va_arg(param, char *));
2059 case CURLOPT_LOCALPORT:
2061 * Set what local port to bind the socket to when performing an operation.
2063 data->set.localport = curlx_sltous(va_arg(param, long));
2065 case CURLOPT_LOCALPORTRANGE:
2067 * Set number of local ports to try, starting with CURLOPT_LOCALPORT.
2069 data->set.localportrange = curlx_sltosi(va_arg(param, long));
2071 case CURLOPT_KRBLEVEL:
2073 * A string that defines the kerberos security level.
2075 result = setstropt(&data->set.str[STRING_KRB_LEVEL],
2076 va_arg(param, char *));
2077 data->set.krb = (data->set.str[STRING_KRB_LEVEL]) ? TRUE : FALSE;
2079 case CURLOPT_GSSAPI_DELEGATION:
2081 * GSS-API credential delegation
2083 data->set.gssapi_delegation = va_arg(param, long);
2085 case CURLOPT_SSL_VERIFYPEER:
2087 * Enable peer SSL verifying.
2089 data->set.ssl.primary.verifypeer = (0 != va_arg(param, long)) ?
2092 case CURLOPT_PROXY_SSL_VERIFYPEER:
2094 * Enable peer SSL verifying for proxy.
2096 data->set.proxy_ssl.primary.verifypeer =
2097 (0 != va_arg(param, long))?TRUE:FALSE;
2099 case CURLOPT_SSL_VERIFYHOST:
2101 * Enable verification of the host name in the peer certificate
2103 arg = va_arg(param, long);
2105 /* Obviously people are not reading documentation and too many thought
2106 this argument took a boolean when it wasn't and misused it. We thus ban
2107 1 as a sensible input and we warn about its use. Then we only have the
2108 2 action internally stored as TRUE. */
2111 failf(data, "CURLOPT_SSL_VERIFYHOST no longer supports 1 as value!");
2112 return CURLE_BAD_FUNCTION_ARGUMENT;
2115 data->set.ssl.primary.verifyhost = (0 != arg) ? TRUE : FALSE;
2117 case CURLOPT_PROXY_SSL_VERIFYHOST:
2119 * Enable verification of the host name in the peer certificate for proxy
2121 arg = va_arg(param, long);
2123 /* Obviously people are not reading documentation and too many thought
2124 this argument took a boolean when it wasn't and misused it. We thus ban
2125 1 as a sensible input and we warn about its use. Then we only have the
2126 2 action internally stored as TRUE. */
2129 failf(data, "CURLOPT_SSL_VERIFYHOST no longer supports 1 as value!");
2130 return CURLE_BAD_FUNCTION_ARGUMENT;
2133 data->set.proxy_ssl.primary.verifyhost = (0 != arg)?TRUE:FALSE;
2135 case CURLOPT_SSL_VERIFYSTATUS:
2137 * Enable certificate status verifying.
2139 if(!Curl_ssl_cert_status_request()) {
2140 result = CURLE_NOT_BUILT_IN;
2144 data->set.ssl.primary.verifystatus = (0 != va_arg(param, long)) ?
2147 case CURLOPT_SSL_CTX_FUNCTION:
2148 #ifdef have_curlssl_ssl_ctx
2150 * Set a SSL_CTX callback
2152 data->set.ssl.fsslctx = va_arg(param, curl_ssl_ctx_callback);
2154 result = CURLE_NOT_BUILT_IN;
2157 case CURLOPT_SSL_CTX_DATA:
2158 #ifdef have_curlssl_ssl_ctx
2160 * Set a SSL_CTX callback parameter pointer
2162 data->set.ssl.fsslctxp = va_arg(param, void *);
2164 result = CURLE_NOT_BUILT_IN;
2167 case CURLOPT_SSL_FALSESTART:
2169 * Enable TLS false start.
2171 if(!Curl_ssl_false_start()) {
2172 result = CURLE_NOT_BUILT_IN;
2176 data->set.ssl.falsestart = (0 != va_arg(param, long)) ? TRUE : FALSE;
2178 case CURLOPT_CERTINFO:
2179 #ifdef have_curlssl_certinfo
2180 data->set.ssl.certinfo = (0 != va_arg(param, long)) ? TRUE : FALSE;
2182 result = CURLE_NOT_BUILT_IN;
2185 case CURLOPT_PINNEDPUBLICKEY:
2186 #ifdef have_curlssl_pinnedpubkey /* only by supported backends */
2188 * Set pinned public key for SSL connection.
2189 * Specify file name of the public key in DER format.
2191 result = setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG],
2192 va_arg(param, char *));
2194 result = CURLE_NOT_BUILT_IN;
2197 case CURLOPT_PROXY_PINNEDPUBLICKEY:
2198 #ifdef have_curlssl_pinnedpubkey /* only by supported backends */
2200 * Set pinned public key for SSL connection.
2201 * Specify file name of the public key in DER format.
2203 result = setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY],
2204 va_arg(param, char *));
2206 result = CURLE_NOT_BUILT_IN;
2209 case CURLOPT_CAINFO:
2211 * Set CA info for SSL connection. Specify file name of the CA certificate
2213 result = setstropt(&data->set.str[STRING_SSL_CAFILE_ORIG],
2214 va_arg(param, char *));
2216 case CURLOPT_PROXY_CAINFO:
2218 * Set CA info SSL connection for proxy. Specify file name of the
2221 result = setstropt(&data->set.str[STRING_SSL_CAFILE_PROXY],
2222 va_arg(param, char *));
2224 case CURLOPT_CAPATH:
2225 #ifdef have_curlssl_ca_path /* not supported by all backends */
2227 * Set CA path info for SSL connection. Specify directory name of the CA
2228 * certificates which have been prepared using openssl c_rehash utility.
2230 /* This does not work on windows. */
2231 result = setstropt(&data->set.str[STRING_SSL_CAPATH_ORIG],
2232 va_arg(param, char *));
2234 result = CURLE_NOT_BUILT_IN;
2237 case CURLOPT_PROXY_CAPATH:
2238 #ifdef have_curlssl_ca_path /* not supported by all backends */
2240 * Set CA path info for SSL connection proxy. Specify directory name of the
2241 * CA certificates which have been prepared using openssl c_rehash utility.
2243 /* This does not work on windows. */
2244 result = setstropt(&data->set.str[STRING_SSL_CAPATH_PROXY],
2245 va_arg(param, char *));
2247 result = CURLE_NOT_BUILT_IN;
2250 case CURLOPT_CRLFILE:
2252 * Set CRL file info for SSL connection. Specify file name of the CRL
2253 * to check certificates revocation
2255 result = setstropt(&data->set.str[STRING_SSL_CRLFILE_ORIG],
2256 va_arg(param, char *));
2258 case CURLOPT_PROXY_CRLFILE:
2260 * Set CRL file info for SSL connection for proxy. Specify file name of the
2261 * CRL to check certificates revocation
2263 result = setstropt(&data->set.str[STRING_SSL_CRLFILE_PROXY],
2264 va_arg(param, char *));
2266 case CURLOPT_ISSUERCERT:
2268 * Set Issuer certificate file
2269 * to check certificates issuer
2271 result = setstropt(&data->set.str[STRING_SSL_ISSUERCERT_ORIG],
2272 va_arg(param, char *));
2274 case CURLOPT_TELNETOPTIONS:
2276 * Set a linked list of telnet options
2278 data->set.telnet_options = va_arg(param, struct curl_slist *);
2281 case CURLOPT_BUFFERSIZE:
2283 * The application kindly asks for a differently sized receive buffer.
2284 * If it seems reasonable, we'll use it.
2286 data->set.buffer_size = va_arg(param, long);
2288 if(data->set.buffer_size > MAX_BUFSIZE)
2289 data->set.buffer_size = MAX_BUFSIZE; /* huge internal default */
2290 else if(data->set.buffer_size < 1)
2291 data->set.buffer_size = BUFSIZE;
2293 /* Resize only if larger than default buffer size. */
2294 if(data->set.buffer_size > BUFSIZE) {
2295 data->state.buffer = realloc(data->state.buffer,
2296 data->set.buffer_size + 1);
2297 if(!data->state.buffer) {
2298 DEBUGF(fprintf(stderr, "Error: realloc of buffer failed\n"));
2299 result = CURLE_OUT_OF_MEMORY;
2305 case CURLOPT_NOSIGNAL:
2307 * The application asks not to set any signal() or alarm() handlers,
2308 * even when using a timeout.
2310 data->set.no_signal = (0 != va_arg(param, long)) ? TRUE : FALSE;
2315 struct Curl_share *set;
2316 set = va_arg(param, struct Curl_share *);
2318 /* disconnect from old share, if any */
2320 Curl_share_lock(data, CURL_LOCK_DATA_SHARE, CURL_LOCK_ACCESS_SINGLE);
2322 if(data->dns.hostcachetype == HCACHE_SHARED) {
2323 data->dns.hostcache = NULL;
2324 data->dns.hostcachetype = HCACHE_NONE;
2327 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
2328 if(data->share->cookies == data->cookies)
2329 data->cookies = NULL;
2332 if(data->share->sslsession == data->state.session)
2333 data->state.session = NULL;
2335 data->share->dirty--;
2337 Curl_share_unlock(data, CURL_LOCK_DATA_SHARE);
2341 /* use new share if it set */
2345 Curl_share_lock(data, CURL_LOCK_DATA_SHARE, CURL_LOCK_ACCESS_SINGLE);
2347 data->share->dirty++;
2349 if(data->share->specifier & (1<< CURL_LOCK_DATA_DNS)) {
2350 /* use shared host cache */
2351 data->dns.hostcache = &data->share->hostcache;
2352 data->dns.hostcachetype = HCACHE_SHARED;
2354 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_COOKIES)
2355 if(data->share->cookies) {
2356 /* use shared cookie list, first free own one if any */
2357 Curl_cookie_cleanup(data->cookies);
2358 /* enable cookies since we now use a share that uses cookies! */
2359 data->cookies = data->share->cookies;
2361 #endif /* CURL_DISABLE_HTTP */
2362 if(data->share->sslsession) {
2363 data->set.general_ssl.max_ssl_sessions = data->share->max_ssl_sessions;
2364 data->state.session = data->share->sslsession;
2366 Curl_share_unlock(data, CURL_LOCK_DATA_SHARE);
2369 /* check for host cache not needed,
2370 * it will be done by curl_easy_perform */
2374 case CURLOPT_PRIVATE:
2376 * Set private data pointer.
2378 data->set.private_data = va_arg(param, void *);
2381 case CURLOPT_MAXFILESIZE:
2383 * Set the maximum size of a file to download.
2385 data->set.max_filesize = va_arg(param, long);
2389 case CURLOPT_USE_SSL:
2391 * Make transfers attempt to use SSL/TLS.
2393 data->set.use_ssl = (curl_usessl)va_arg(param, long);
2396 case CURLOPT_SSL_OPTIONS:
2397 arg = va_arg(param, long);
2398 data->set.ssl.enable_beast = arg&CURLSSLOPT_ALLOW_BEAST?TRUE:FALSE;
2399 data->set.ssl.no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);
2402 case CURLOPT_PROXY_SSL_OPTIONS:
2403 arg = va_arg(param, long);
2404 data->set.proxy_ssl.enable_beast = arg&CURLSSLOPT_ALLOW_BEAST?TRUE:FALSE;
2405 data->set.proxy_ssl.no_revoke = !!(arg & CURLSSLOPT_NO_REVOKE);
2409 case CURLOPT_FTPSSLAUTH:
2411 * Set a specific auth for FTP-SSL transfers.
2413 data->set.ftpsslauth = (curl_ftpauth)va_arg(param, long);
2416 case CURLOPT_IPRESOLVE:
2417 data->set.ipver = va_arg(param, long);
2420 case CURLOPT_MAXFILESIZE_LARGE:
2422 * Set the maximum size of a file to download.
2424 data->set.max_filesize = va_arg(param, curl_off_t);
2427 case CURLOPT_TCP_NODELAY:
2429 * Enable or disable TCP_NODELAY, which will disable/enable the Nagle
2432 data->set.tcp_nodelay = (0 != va_arg(param, long)) ? TRUE : FALSE;
2435 case CURLOPT_FTP_ACCOUNT:
2436 result = setstropt(&data->set.str[STRING_FTP_ACCOUNT],
2437 va_arg(param, char *));
2440 case CURLOPT_IGNORE_CONTENT_LENGTH:
2441 data->set.ignorecl = (0 != va_arg(param, long)) ? TRUE : FALSE;
2444 case CURLOPT_CONNECT_ONLY:
2446 * No data transfer, set up connection and let application use the socket
2448 data->set.connect_only = (0 != va_arg(param, long)) ? TRUE : FALSE;
2451 case CURLOPT_FTP_ALTERNATIVE_TO_USER:
2452 result = setstropt(&data->set.str[STRING_FTP_ALTERNATIVE_TO_USER],
2453 va_arg(param, char *));
2456 case CURLOPT_SOCKOPTFUNCTION:
2458 * socket callback function: called after socket() but before connect()
2460 data->set.fsockopt = va_arg(param, curl_sockopt_callback);
2463 case CURLOPT_SOCKOPTDATA:
2465 * socket callback data pointer. Might be NULL.
2467 data->set.sockopt_client = va_arg(param, void *);
2470 case CURLOPT_OPENSOCKETFUNCTION:
2472 * open/create socket callback function: called instead of socket(),
2475 data->set.fopensocket = va_arg(param, curl_opensocket_callback);
2478 case CURLOPT_OPENSOCKETDATA:
2480 * socket callback data pointer. Might be NULL.
2482 data->set.opensocket_client = va_arg(param, void *);
2485 case CURLOPT_CLOSESOCKETFUNCTION:
2487 * close socket callback function: called instead of close()
2488 * when shutting down a connection
2490 data->set.fclosesocket = va_arg(param, curl_closesocket_callback);
2493 case CURLOPT_CLOSESOCKETDATA:
2495 * socket callback data pointer. Might be NULL.
2497 data->set.closesocket_client = va_arg(param, void *);
2500 case CURLOPT_SSL_SESSIONID_CACHE:
2501 data->set.ssl.primary.sessionid = (0 != va_arg(param, long)) ?
2503 data->set.proxy_ssl.primary.sessionid = data->set.ssl.primary.sessionid;
2507 /* we only include SSH options if explicitly built to support SSH */
2508 case CURLOPT_SSH_AUTH_TYPES:
2509 data->set.ssh_auth_types = va_arg(param, long);
2512 case CURLOPT_SSH_PUBLIC_KEYFILE:
2514 * Use this file instead of the $HOME/.ssh/id_dsa.pub file
2516 result = setstropt(&data->set.str[STRING_SSH_PUBLIC_KEY],
2517 va_arg(param, char *));
2520 case CURLOPT_SSH_PRIVATE_KEYFILE:
2522 * Use this file instead of the $HOME/.ssh/id_dsa file
2524 result = setstropt(&data->set.str[STRING_SSH_PRIVATE_KEY],
2525 va_arg(param, char *));
2527 case CURLOPT_SSH_HOST_PUBLIC_KEY_MD5:
2529 * Option to allow for the MD5 of the host public key to be checked
2530 * for validation purposes.
2532 result = setstropt(&data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5],
2533 va_arg(param, char *));
2535 #ifdef HAVE_LIBSSH2_KNOWNHOST_API
2536 case CURLOPT_SSH_KNOWNHOSTS:
2538 * Store the file name to read known hosts from.
2540 result = setstropt(&data->set.str[STRING_SSH_KNOWNHOSTS],
2541 va_arg(param, char *));
2544 case CURLOPT_SSH_KEYFUNCTION:
2545 /* setting to NULL is fine since the ssh.c functions themselves will
2546 then rever to use the internal default */
2547 data->set.ssh_keyfunc = va_arg(param, curl_sshkeycallback);
2550 case CURLOPT_SSH_KEYDATA:
2552 * Custom client data to pass to the SSH keyfunc callback
2554 data->set.ssh_keyfunc_userp = va_arg(param, void *);
2556 #endif /* HAVE_LIBSSH2_KNOWNHOST_API */
2558 #endif /* USE_LIBSSH2 */
2560 case CURLOPT_HTTP_TRANSFER_DECODING:
2562 * disable libcurl transfer encoding is used
2564 data->set.http_te_skip = (0 == va_arg(param, long)) ? TRUE : FALSE;
2567 case CURLOPT_HTTP_CONTENT_DECODING:
2569 * raw data passed to the application when content encoding is used
2571 data->set.http_ce_skip = (0 == va_arg(param, long)) ? TRUE : FALSE;
2574 case CURLOPT_NEW_FILE_PERMS:
2576 * Uses these permissions instead of 0644
2578 data->set.new_file_perms = va_arg(param, long);
2581 case CURLOPT_NEW_DIRECTORY_PERMS:
2583 * Uses these permissions instead of 0755
2585 data->set.new_directory_perms = va_arg(param, long);
2588 case CURLOPT_ADDRESS_SCOPE:
2590 * We always get longs when passed plain numericals, but for this value we
2591 * know that an unsigned int will always hold the value so we blindly
2592 * typecast to this type
2594 data->set.scope_id = curlx_sltoui(va_arg(param, long));
2597 case CURLOPT_PROTOCOLS:
2598 /* set the bitmask for the protocols that are allowed to be used for the
2599 transfer, which thus helps the app which takes URLs from users or other
2600 external inputs and want to restrict what protocol(s) to deal
2601 with. Defaults to CURLPROTO_ALL. */
2602 data->set.allowed_protocols = va_arg(param, long);
2605 case CURLOPT_REDIR_PROTOCOLS:
2606 /* set the bitmask for the protocols that libcurl is allowed to follow to,
2607 as a subset of the CURLOPT_PROTOCOLS ones. That means the protocol needs
2608 to be set in both bitmasks to be allowed to get redirected to. Defaults
2609 to all protocols except FILE and SCP. */
2610 data->set.redir_protocols = va_arg(param, long);
2613 case CURLOPT_DEFAULT_PROTOCOL:
2614 /* Set the protocol to use when the URL doesn't include any protocol */
2615 result = setstropt(&data->set.str[STRING_DEFAULT_PROTOCOL],
2616 va_arg(param, char *));
2619 case CURLOPT_MAIL_FROM:
2620 /* Set the SMTP mail originator */
2621 result = setstropt(&data->set.str[STRING_MAIL_FROM],
2622 va_arg(param, char *));
2625 case CURLOPT_MAIL_AUTH:
2626 /* Set the SMTP auth originator */
2627 result = setstropt(&data->set.str[STRING_MAIL_AUTH],
2628 va_arg(param, char *));
2631 case CURLOPT_MAIL_RCPT:
2632 /* Set the list of mail recipients */
2633 data->set.mail_rcpt = va_arg(param, struct curl_slist *);
2636 case CURLOPT_SASL_IR:
2637 /* Enable/disable SASL initial response */
2638 data->set.sasl_ir = (0 != va_arg(param, long)) ? TRUE : FALSE;
2641 case CURLOPT_RTSP_REQUEST:
2644 * Set the RTSP request method (OPTIONS, SETUP, PLAY, etc...)
2645 * Would this be better if the RTSPREQ_* were just moved into here?
2647 long curl_rtspreq = va_arg(param, long);
2648 Curl_RtspReq rtspreq = RTSPREQ_NONE;
2649 switch(curl_rtspreq) {
2650 case CURL_RTSPREQ_OPTIONS:
2651 rtspreq = RTSPREQ_OPTIONS;
2654 case CURL_RTSPREQ_DESCRIBE:
2655 rtspreq = RTSPREQ_DESCRIBE;
2658 case CURL_RTSPREQ_ANNOUNCE:
2659 rtspreq = RTSPREQ_ANNOUNCE;
2662 case CURL_RTSPREQ_SETUP:
2663 rtspreq = RTSPREQ_SETUP;
2666 case CURL_RTSPREQ_PLAY:
2667 rtspreq = RTSPREQ_PLAY;
2670 case CURL_RTSPREQ_PAUSE:
2671 rtspreq = RTSPREQ_PAUSE;
2674 case CURL_RTSPREQ_TEARDOWN:
2675 rtspreq = RTSPREQ_TEARDOWN;
2678 case CURL_RTSPREQ_GET_PARAMETER:
2679 rtspreq = RTSPREQ_GET_PARAMETER;
2682 case CURL_RTSPREQ_SET_PARAMETER:
2683 rtspreq = RTSPREQ_SET_PARAMETER;
2686 case CURL_RTSPREQ_RECORD:
2687 rtspreq = RTSPREQ_RECORD;
2690 case CURL_RTSPREQ_RECEIVE:
2691 rtspreq = RTSPREQ_RECEIVE;
2694 rtspreq = RTSPREQ_NONE;
2697 data->set.rtspreq = rtspreq;
2702 case CURLOPT_RTSP_SESSION_ID:
2704 * Set the RTSP Session ID manually. Useful if the application is
2705 * resuming a previously established RTSP session
2707 result = setstropt(&data->set.str[STRING_RTSP_SESSION_ID],
2708 va_arg(param, char *));
2711 case CURLOPT_RTSP_STREAM_URI:
2713 * Set the Stream URI for the RTSP request. Unless the request is
2714 * for generic server options, the application will need to set this.
2716 result = setstropt(&data->set.str[STRING_RTSP_STREAM_URI],
2717 va_arg(param, char *));
2720 case CURLOPT_RTSP_TRANSPORT:
2722 * The content of the Transport: header for the RTSP request
2724 result = setstropt(&data->set.str[STRING_RTSP_TRANSPORT],
2725 va_arg(param, char *));
2728 case CURLOPT_RTSP_CLIENT_CSEQ:
2730 * Set the CSEQ number to issue for the next RTSP request. Useful if the
2731 * application is resuming a previously broken connection. The CSEQ
2732 * will increment from this new number henceforth.
2734 data->state.rtsp_next_client_CSeq = va_arg(param, long);
2737 case CURLOPT_RTSP_SERVER_CSEQ:
2738 /* Same as the above, but for server-initiated requests */
2739 data->state.rtsp_next_client_CSeq = va_arg(param, long);
2742 case CURLOPT_INTERLEAVEDATA:
2743 data->set.rtp_out = va_arg(param, void *);
2745 case CURLOPT_INTERLEAVEFUNCTION:
2746 /* Set the user defined RTP write function */
2747 data->set.fwrite_rtp = va_arg(param, curl_write_callback);
2750 case CURLOPT_WILDCARDMATCH:
2751 data->set.wildcardmatch = (0 != va_arg(param, long)) ? TRUE : FALSE;
2753 case CURLOPT_CHUNK_BGN_FUNCTION:
2754 data->set.chunk_bgn = va_arg(param, curl_chunk_bgn_callback);
2756 case CURLOPT_CHUNK_END_FUNCTION:
2757 data->set.chunk_end = va_arg(param, curl_chunk_end_callback);
2759 case CURLOPT_FNMATCH_FUNCTION:
2760 data->set.fnmatch = va_arg(param, curl_fnmatch_callback);
2762 case CURLOPT_CHUNK_DATA:
2763 data->wildcard.customptr = va_arg(param, void *);
2765 case CURLOPT_FNMATCH_DATA:
2766 data->set.fnmatch_data = va_arg(param, void *);
2769 case CURLOPT_TLSAUTH_USERNAME:
2770 result = setstropt(&data->set.str[STRING_TLSAUTH_USERNAME_ORIG],
2771 va_arg(param, char *));
2772 if(data->set.str[STRING_TLSAUTH_USERNAME_ORIG] && !data->set.ssl.authtype)
2773 data->set.ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
2775 case CURLOPT_PROXY_TLSAUTH_USERNAME:
2776 result = setstropt(&data->set.str[STRING_TLSAUTH_USERNAME_PROXY],
2777 va_arg(param, char *));
2778 if(data->set.str[STRING_TLSAUTH_USERNAME_PROXY] &&
2779 !data->set.proxy_ssl.authtype)
2780 data->set.proxy_ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
2782 case CURLOPT_TLSAUTH_PASSWORD:
2783 result = setstropt(&data->set.str[STRING_TLSAUTH_PASSWORD_ORIG],
2784 va_arg(param, char *));
2785 if(data->set.str[STRING_TLSAUTH_USERNAME_ORIG] && !data->set.ssl.authtype)
2786 data->set.ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
2788 case CURLOPT_PROXY_TLSAUTH_PASSWORD:
2789 result = setstropt(&data->set.str[STRING_TLSAUTH_PASSWORD_PROXY],
2790 va_arg(param, char *));
2791 if(data->set.str[STRING_TLSAUTH_USERNAME_PROXY] &&
2792 !data->set.proxy_ssl.authtype)
2793 data->set.proxy_ssl.authtype = CURL_TLSAUTH_SRP; /* default to SRP */
2795 case CURLOPT_TLSAUTH_TYPE:
2796 if(strncasecompare((char *)va_arg(param, char *), "SRP", strlen("SRP")))
2797 data->set.ssl.authtype = CURL_TLSAUTH_SRP;
2799 data->set.ssl.authtype = CURL_TLSAUTH_NONE;
2801 case CURLOPT_PROXY_TLSAUTH_TYPE:
2802 if(strncasecompare((char *)va_arg(param, char *), "SRP", strlen("SRP")))
2803 data->set.proxy_ssl.authtype = CURL_TLSAUTH_SRP;
2805 data->set.proxy_ssl.authtype = CURL_TLSAUTH_NONE;
2808 case CURLOPT_DNS_SERVERS:
2809 result = Curl_set_dns_servers(data, va_arg(param, char *));
2811 case CURLOPT_DNS_INTERFACE:
2812 result = Curl_set_dns_interface(data, va_arg(param, char *));
2814 case CURLOPT_DNS_LOCAL_IP4:
2815 result = Curl_set_dns_local_ip4(data, va_arg(param, char *));
2817 case CURLOPT_DNS_LOCAL_IP6:
2818 result = Curl_set_dns_local_ip6(data, va_arg(param, char *));
2821 case CURLOPT_TCP_KEEPALIVE:
2822 data->set.tcp_keepalive = (0 != va_arg(param, long)) ? TRUE : FALSE;
2824 case CURLOPT_TCP_KEEPIDLE:
2825 data->set.tcp_keepidle = va_arg(param, long);
2827 case CURLOPT_TCP_KEEPINTVL:
2828 data->set.tcp_keepintvl = va_arg(param, long);
2830 case CURLOPT_TCP_FASTOPEN:
2831 #if defined(CONNECT_DATA_IDEMPOTENT) || defined(MSG_FASTOPEN)
2832 data->set.tcp_fastopen = (0 != va_arg(param, long))?TRUE:FALSE;
2834 result = CURLE_NOT_BUILT_IN;
2837 case CURLOPT_SSL_ENABLE_NPN:
2838 data->set.ssl_enable_npn = (0 != va_arg(param, long)) ? TRUE : FALSE;
2840 case CURLOPT_SSL_ENABLE_ALPN:
2841 data->set.ssl_enable_alpn = (0 != va_arg(param, long)) ? TRUE : FALSE;
2844 #ifdef USE_UNIX_SOCKETS
2845 case CURLOPT_UNIX_SOCKET_PATH:
2846 data->set.abstract_unix_socket = FALSE;
2847 result = setstropt(&data->set.str[STRING_UNIX_SOCKET_PATH],
2848 va_arg(param, char *));
2850 case CURLOPT_ABSTRACT_UNIX_SOCKET:
2851 data->set.abstract_unix_socket = TRUE;
2852 result = setstropt(&data->set.str[STRING_UNIX_SOCKET_PATH],
2853 va_arg(param, char *));
2857 case CURLOPT_PATH_AS_IS:
2858 data->set.path_as_is = (0 != va_arg(param, long)) ? TRUE : FALSE;
2860 case CURLOPT_PIPEWAIT:
2861 data->set.pipewait = (0 != va_arg(param, long)) ? TRUE : FALSE;
2863 case CURLOPT_STREAM_WEIGHT:
2865 return CURLE_NOT_BUILT_IN;
2867 arg = va_arg(param, long);
2868 if((arg>=1) && (arg <= 256))
2869 data->set.stream_weight = (int)arg;
2872 case CURLOPT_STREAM_DEPENDS:
2873 case CURLOPT_STREAM_DEPENDS_E:
2876 return CURLE_NOT_BUILT_IN;
2878 struct Curl_easy *dep = va_arg(param, struct Curl_easy *);
2879 if(!dep || GOOD_EASY_HANDLE(dep)) {
2880 if(data->set.stream_depends_on) {
2881 Curl_http2_remove_child(data->set.stream_depends_on, data);
2883 Curl_http2_add_child(dep, data, (option == CURLOPT_STREAM_DEPENDS_E));
2888 case CURLOPT_CONNECT_TO:
2889 data->set.connect_to = va_arg(param, struct curl_slist *);
2892 /* unknown tag and its companion, just ignore: */
2893 result = CURLE_UNKNOWN_OPTION;
2900 #ifdef USE_RECV_BEFORE_SEND_WORKAROUND
2901 static void conn_reset_postponed_data(struct connectdata *conn, int num)
2903 struct postponed_data * const psnd = &(conn->postponed[num]);
2905 DEBUGASSERT(psnd->allocated_size > 0);
2906 DEBUGASSERT(psnd->recv_size <= psnd->allocated_size);
2907 DEBUGASSERT(psnd->recv_size ?
2908 (psnd->recv_processed < psnd->recv_size) :
2909 (psnd->recv_processed == 0));
2910 DEBUGASSERT(psnd->bindsock != CURL_SOCKET_BAD);
2912 psnd->buffer = NULL;
2913 psnd->allocated_size = 0;
2914 psnd->recv_size = 0;
2915 psnd->recv_processed = 0;
2917 psnd->bindsock = CURL_SOCKET_BAD; /* used only for DEBUGASSERT */
2918 #endif /* DEBUGBUILD */
2921 DEBUGASSERT(psnd->allocated_size == 0);
2922 DEBUGASSERT(psnd->recv_size == 0);
2923 DEBUGASSERT(psnd->recv_processed == 0);
2924 DEBUGASSERT(psnd->bindsock == CURL_SOCKET_BAD);
2928 static void conn_reset_all_postponed_data(struct connectdata *conn)
2930 conn_reset_postponed_data(conn, 0);
2931 conn_reset_postponed_data(conn, 1);
2933 #else /* ! USE_RECV_BEFORE_SEND_WORKAROUND */
2934 /* Use "do-nothing" macros instead of functions when workaround not used */
2935 #define conn_reset_postponed_data(c,n) do {} WHILE_FALSE
2936 #define conn_reset_all_postponed_data(c) do {} WHILE_FALSE
2937 #endif /* ! USE_RECV_BEFORE_SEND_WORKAROUND */
2939 static void conn_free(struct connectdata *conn)
2944 /* possible left-overs from the async name resolvers */
2945 Curl_resolver_cancel(conn);
2947 /* close the SSL stuff before we close any sockets since they will/may
2948 write to the sockets */
2949 Curl_ssl_close(conn, FIRSTSOCKET);
2950 Curl_ssl_close(conn, SECONDARYSOCKET);
2952 /* close possibly still open sockets */
2953 if(CURL_SOCKET_BAD != conn->sock[SECONDARYSOCKET])
2954 Curl_closesocket(conn, conn->sock[SECONDARYSOCKET]);
2955 if(CURL_SOCKET_BAD != conn->sock[FIRSTSOCKET])
2956 Curl_closesocket(conn, conn->sock[FIRSTSOCKET]);
2957 if(CURL_SOCKET_BAD != conn->tempsock[0])
2958 Curl_closesocket(conn, conn->tempsock[0]);
2959 if(CURL_SOCKET_BAD != conn->tempsock[1])
2960 Curl_closesocket(conn, conn->tempsock[1]);
2962 #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \
2963 defined(NTLM_WB_ENABLED)
2964 Curl_ntlm_wb_cleanup(conn);
2967 Curl_safefree(conn->user);
2968 Curl_safefree(conn->passwd);
2969 Curl_safefree(conn->oauth_bearer);
2970 Curl_safefree(conn->options);
2971 Curl_safefree(conn->http_proxy.user);
2972 Curl_safefree(conn->socks_proxy.user);
2973 Curl_safefree(conn->http_proxy.passwd);
2974 Curl_safefree(conn->socks_proxy.passwd);
2975 Curl_safefree(conn->allocptr.proxyuserpwd);
2976 Curl_safefree(conn->allocptr.uagent);
2977 Curl_safefree(conn->allocptr.userpwd);
2978 Curl_safefree(conn->allocptr.accept_encoding);
2979 Curl_safefree(conn->allocptr.te);
2980 Curl_safefree(conn->allocptr.rangeline);
2981 Curl_safefree(conn->allocptr.ref);
2982 Curl_safefree(conn->allocptr.host);
2983 Curl_safefree(conn->allocptr.cookiehost);
2984 Curl_safefree(conn->allocptr.rtsp_transport);
2985 Curl_safefree(conn->trailer);
2986 Curl_safefree(conn->host.rawalloc); /* host name buffer */
2987 Curl_safefree(conn->conn_to_host.rawalloc); /* host name buffer */
2988 Curl_safefree(conn->secondaryhostname);
2989 Curl_safefree(conn->http_proxy.host.rawalloc); /* http proxy name buffer */
2990 Curl_safefree(conn->socks_proxy.host.rawalloc); /* socks proxy name buffer */
2991 Curl_safefree(conn->master_buffer);
2993 conn_reset_all_postponed_data(conn);
2995 Curl_llist_destroy(conn->send_pipe, NULL);
2996 Curl_llist_destroy(conn->recv_pipe, NULL);
2998 conn->send_pipe = NULL;
2999 conn->recv_pipe = NULL;
3001 Curl_safefree(conn->localdev);
3002 Curl_free_primary_ssl_config(&conn->ssl_config);
3003 Curl_free_primary_ssl_config(&conn->proxy_ssl_config);
3005 #ifdef USE_UNIX_SOCKETS
3006 Curl_safefree(conn->unix_domain_socket);
3009 free(conn); /* free all the connection oriented data */
3013 * Disconnects the given connection. Note the connection may not be the
3014 * primary connection, like when freeing room in the connection cache or
3015 * killing of a dead old connection.
3017 * This function MUST NOT reset state in the Curl_easy struct if that
3018 * isn't strictly bound to the life-time of *this* particular connection.
3022 CURLcode Curl_disconnect(struct connectdata *conn, bool dead_connection)
3024 struct Curl_easy *data;
3026 return CURLE_OK; /* this is closed and fine already */
3030 DEBUGF(fprintf(stderr, "DISCONNECT without easy handle, ignoring\n"));
3035 * If this connection isn't marked to force-close, leave it open if there
3036 * are other users of it
3038 if(!conn->bits.close &&
3039 (conn->send_pipe->size + conn->recv_pipe->size)) {
3040 DEBUGF(infof(data, "Curl_disconnect, usecounter: %d\n",
3041 conn->send_pipe->size + conn->recv_pipe->size));
3045 if(conn->dns_entry != NULL) {
3046 Curl_resolv_unlock(data, conn->dns_entry);
3047 conn->dns_entry = NULL;
3050 Curl_hostcache_prune(data); /* kill old DNS cache entries */
3052 #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM)
3053 /* Cleanup NTLM connection-related data */
3054 Curl_http_ntlm_cleanup(conn);
3057 if(conn->handler->disconnect)
3058 /* This is set if protocol-specific cleanups should be made */
3059 conn->handler->disconnect(conn, dead_connection);
3061 /* unlink ourselves! */
3062 infof(data, "Closing connection %ld\n", conn->connection_id);
3063 Curl_conncache_remove_conn(data->state.conn_cache, conn);
3065 free_fixed_hostname(&conn->host);
3066 free_fixed_hostname(&conn->conn_to_host);
3067 free_fixed_hostname(&conn->http_proxy.host);
3068 free_fixed_hostname(&conn->socks_proxy.host);
3070 Curl_ssl_close(conn, FIRSTSOCKET);
3072 /* Indicate to all handles on the pipe that we're dead */
3073 if(Curl_pipeline_wanted(data->multi, CURLPIPE_ANY)) {
3074 signalPipeClose(conn->send_pipe, TRUE);
3075 signalPipeClose(conn->recv_pipe, TRUE);
3084 * This function should return TRUE if the socket is to be assumed to
3085 * be dead. Most commonly this happens when the server has closed the
3086 * connection due to inactivity.
3088 static bool SocketIsDead(curl_socket_t sock)
3091 bool ret_val = TRUE;
3093 sval = SOCKET_READABLE(sock, 0);
3102 * IsPipeliningPossible() returns TRUE if the options set would allow
3103 * pipelining/multiplexing and the connection is using a HTTP protocol.
3105 static bool IsPipeliningPossible(const struct Curl_easy *handle,
3106 const struct connectdata *conn)
3108 /* If a HTTP protocol and pipelining is enabled */
3109 if((conn->handler->protocol & PROTO_FAMILY_HTTP) &&
3110 (!conn->bits.protoconnstart || !conn->bits.close)) {
3112 if(Curl_pipeline_wanted(handle->multi, CURLPIPE_HTTP1) &&
3113 (handle->set.httpversion != CURL_HTTP_VERSION_1_0) &&
3114 (handle->set.httpreq == HTTPREQ_GET ||
3115 handle->set.httpreq == HTTPREQ_HEAD))
3116 /* didn't ask for HTTP/1.0 and a GET or HEAD */
3119 if(Curl_pipeline_wanted(handle->multi, CURLPIPE_MULTIPLEX) &&
3120 (handle->set.httpversion >= CURL_HTTP_VERSION_2))
3127 int Curl_removeHandleFromPipeline(struct Curl_easy *handle,
3128 struct curl_llist *pipeline)
3131 struct curl_llist_element *curr;
3133 curr = pipeline->head;
3135 if(curr->ptr == handle) {
3136 Curl_llist_remove(pipeline, curr, NULL);
3137 return 1; /* we removed a handle */
3146 #if 0 /* this code is saved here as it is useful for debugging purposes */
3147 static void Curl_printPipeline(struct curl_llist *pipeline)
3149 struct curl_llist_element *curr;
3151 curr = pipeline->head;
3153 struct Curl_easy *data = (struct Curl_easy *) curr->ptr;
3154 infof(data, "Handle in pipeline: %s\n", data->state.path);
3160 static struct Curl_easy* gethandleathead(struct curl_llist *pipeline)
3162 struct curl_llist_element *curr = pipeline->head;
3164 return (struct Curl_easy *) curr->ptr;
3170 /* remove the specified connection from all (possible) pipelines and related
3172 void Curl_getoff_all_pipelines(struct Curl_easy *data,
3173 struct connectdata *conn)
3175 bool recv_head = (conn->readchannel_inuse &&
3176 Curl_recvpipe_head(data, conn));
3177 bool send_head = (conn->writechannel_inuse &&
3178 Curl_sendpipe_head(data, conn));
3180 if(Curl_removeHandleFromPipeline(data, conn->recv_pipe) && recv_head)
3181 Curl_pipeline_leave_read(conn);
3182 if(Curl_removeHandleFromPipeline(data, conn->send_pipe) && send_head)
3183 Curl_pipeline_leave_write(conn);
3186 static void signalPipeClose(struct curl_llist *pipeline, bool pipe_broke)
3188 struct curl_llist_element *curr;
3193 curr = pipeline->head;
3195 struct curl_llist_element *next = curr->next;
3196 struct Curl_easy *data = (struct Curl_easy *) curr->ptr;
3198 #ifdef DEBUGBUILD /* debug-only code */
3199 if(data->magic != CURLEASY_MAGIC_NUMBER) {
3201 infof(data, "signalPipeClose() found BAAD easy handle\n");
3206 data->state.pipe_broke = TRUE;
3207 Curl_multi_handlePipeBreak(data);
3208 Curl_llist_remove(pipeline, curr, NULL);
3214 * This function finds the connection in the connection
3215 * cache that has been unused for the longest time.
3217 * Returns the pointer to the oldest idle connection, or NULL if none was
3220 struct connectdata *
3221 Curl_oldest_idle_connection(struct Curl_easy *data)
3223 struct conncache *bc = data->state.conn_cache;
3224 struct curl_hash_iterator iter;
3225 struct curl_llist_element *curr;
3226 struct curl_hash_element *he;
3227 time_t highscore=-1;
3230 struct connectdata *conn_candidate = NULL;
3231 struct connectbundle *bundle;
3235 Curl_hash_start_iterate(&bc->hash, &iter);
3237 he = Curl_hash_next_element(&iter);
3239 struct connectdata *conn;
3243 curr = bundle->conn_list->head;
3248 /* Set higher score for the age passed since the connection was used */
3249 score = Curl_tvdiff(now, conn->now);
3251 if(score > highscore) {
3253 conn_candidate = conn;
3259 he = Curl_hash_next_element(&iter);
3262 return conn_candidate;
3266 proxy_info_matches(const struct proxy_info* data,
3267 const struct proxy_info* needle)
3269 if((data->proxytype == needle->proxytype) &&
3270 (data->port == needle->port) &&
3271 Curl_safe_strcasecompare(data->host.name, needle->host.name) &&
3272 Curl_safe_strcasecompare(data->user, needle->user) &&
3273 Curl_safe_strcasecompare(data->passwd, needle->passwd))
3281 * This function finds the connection in the connection
3282 * bundle that has been unused for the longest time.
3284 * Returns the pointer to the oldest idle connection, or NULL if none was
3287 static struct connectdata *
3288 find_oldest_idle_connection_in_bundle(struct Curl_easy *data,
3289 struct connectbundle *bundle)
3291 struct curl_llist_element *curr;
3292 time_t highscore=-1;
3295 struct connectdata *conn_candidate = NULL;
3296 struct connectdata *conn;
3302 curr = bundle->conn_list->head;
3307 /* Set higher score for the age passed since the connection was used */
3308 score = Curl_tvdiff(now, conn->now);
3310 if(score > highscore) {
3312 conn_candidate = conn;
3318 return conn_candidate;
3322 * This function checks if given connection is dead and disconnects if so.
3323 * (That also removes it from the connection cache.)
3325 * Returns TRUE if the connection actually was dead and disconnected.
3327 static bool disconnect_if_dead(struct connectdata *conn,
3328 struct Curl_easy *data)
3330 size_t pipeLen = conn->send_pipe->size + conn->recv_pipe->size;
3331 if(!pipeLen && !conn->inuse) {
3332 /* The check for a dead socket makes sense only if there are no
3333 handles in pipeline and the connection isn't already marked in
3336 if(conn->handler->protocol & CURLPROTO_RTSP)
3337 /* RTSP is a special case due to RTP interleaving */
3338 dead = Curl_rtsp_connisdead(conn);
3340 dead = SocketIsDead(conn->sock[FIRSTSOCKET]);
3344 infof(data, "Connection %ld seems to be dead!\n", conn->connection_id);
3346 /* disconnect resources */
3347 Curl_disconnect(conn, /* dead_connection */TRUE);
3355 * Wrapper to use disconnect_if_dead() function in Curl_conncache_foreach()
3359 static int call_disconnect_if_dead(struct connectdata *conn,
3362 struct Curl_easy* data = (struct Curl_easy*)param;
3363 disconnect_if_dead(conn, data);
3364 return 0; /* continue iteration */
3368 * This function scans the connection cache for half-open/dead connections,
3369 * closes and removes them.
3370 * The cleanup is done at most once per second.
3372 static void prune_dead_connections(struct Curl_easy *data)
3374 struct timeval now = Curl_tvnow();
3375 time_t elapsed = Curl_tvdiff(now, data->state.conn_cache->last_cleanup);
3377 if(elapsed >= 1000L) {
3378 Curl_conncache_foreach(data->state.conn_cache, data,
3379 call_disconnect_if_dead);
3380 data->state.conn_cache->last_cleanup = now;
3385 static size_t max_pipeline_length(struct Curl_multi *multi)
3387 return multi ? multi->max_pipeline_length : 0;
3392 * Given one filled in connection struct (named needle), this function should
3393 * detect if there already is one that has all the significant details
3394 * exactly the same and thus should be used instead.
3396 * If there is a match, this function returns TRUE - and has marked the
3397 * connection as 'in-use'. It must later be called with ConnectionDone() to
3398 * return back to 'idle' (unused) state.
3400 * The force_reuse flag is set if the connection must be used, even if
3401 * the pipelining strategy wants to open a new connection instead of reusing.
3404 ConnectionExists(struct Curl_easy *data,
3405 struct connectdata *needle,
3406 struct connectdata **usethis,
3410 struct connectdata *check;
3411 struct connectdata *chosen = 0;
3412 bool foundPendingCandidate = FALSE;
3413 bool canPipeline = IsPipeliningPossible(data, needle);
3414 struct connectbundle *bundle;
3417 bool wantNTLMhttp = ((data->state.authhost.want &
3418 (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
3419 (needle->handler->protocol & PROTO_FAMILY_HTTP));
3420 bool wantProxyNTLMhttp = (needle->bits.proxy_user_passwd &&
3421 ((data->state.authproxy.want &
3422 (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
3423 (needle->handler->protocol & PROTO_FAMILY_HTTP)));
3426 *force_reuse = FALSE;
3429 /* We can't pipe if the site is blacklisted */
3430 if(canPipeline && Curl_pipeline_site_blacklisted(data, needle)) {
3431 canPipeline = FALSE;
3434 /* Look up the bundle with all the connections to this
3436 bundle = Curl_conncache_find_bundle(needle, data->state.conn_cache);
3438 /* Max pipe length is zero (unlimited) for multiplexed connections */
3439 size_t max_pipe_len = (bundle->multiuse != BUNDLE_MULTIPLEX)?
3440 max_pipeline_length(data->multi):0;
3441 size_t best_pipe_len = max_pipe_len;
3442 struct curl_llist_element *curr;
3444 infof(data, "Found bundle for host %s: %p [%s]\n",
3445 (needle->bits.conn_to_host ? needle->conn_to_host.name :
3446 needle->host.name), (void *)bundle,
3447 (bundle->multiuse == BUNDLE_PIPELINING ?
3449 (bundle->multiuse == BUNDLE_MULTIPLEX ?
3450 "can multiplex" : "serially")));
3452 /* We can't pipe if we don't know anything about the server */
3454 if(bundle->multiuse <= BUNDLE_UNKNOWN) {
3455 if((bundle->multiuse == BUNDLE_UNKNOWN) && data->set.pipewait) {
3456 infof(data, "Server doesn't support multi-use yet, wait\n");
3458 return FALSE; /* no re-use */
3461 infof(data, "Server doesn't support multi-use (yet)\n");
3462 canPipeline = FALSE;
3464 if((bundle->multiuse == BUNDLE_PIPELINING) &&
3465 !Curl_pipeline_wanted(data->multi, CURLPIPE_HTTP1)) {
3466 /* not asked for, switch off */
3467 infof(data, "Could pipeline, but not asked to!\n");
3468 canPipeline = FALSE;
3470 else if((bundle->multiuse == BUNDLE_MULTIPLEX) &&
3471 !Curl_pipeline_wanted(data->multi, CURLPIPE_MULTIPLEX)) {
3472 infof(data, "Could multiplex, but not asked to!\n");
3473 canPipeline = FALSE;
3477 curr = bundle->conn_list->head;
3483 * Note that if we use a HTTP proxy in normal mode (no tunneling), we
3484 * check connections to that proxy and not to the actual remote server.
3489 if(disconnect_if_dead(check, data))
3492 pipeLen = check->send_pipe->size + check->recv_pipe->size;
3495 if(check->bits.protoconnstart && check->bits.close)
3498 if(!check->bits.multiplex) {
3499 /* If not multiplexing, make sure the pipe has only GET requests */
3500 struct Curl_easy* sh = gethandleathead(check->send_pipe);
3501 struct Curl_easy* rh = gethandleathead(check->recv_pipe);
3503 if(!IsPipeliningPossible(sh, check))
3507 if(!IsPipeliningPossible(rh, check))
3514 /* can only happen within multi handles, and means that another easy
3515 handle is using this connection */
3519 if(Curl_resolver_asynch()) {
3520 /* ip_addr_str[0] is NUL only if the resolving of the name hasn't
3521 completed yet and until then we don't re-use this connection */
3522 if(!check->ip_addr_str[0]) {
3524 "Connection #%ld is still name resolving, can't reuse\n",
3525 check->connection_id);
3530 if((check->sock[FIRSTSOCKET] == CURL_SOCKET_BAD) ||
3531 check->bits.close) {
3532 if(!check->bits.close)
3533 foundPendingCandidate = TRUE;
3534 /* Don't pick a connection that hasn't connected yet or that is going
3536 infof(data, "Connection #%ld isn't open enough, can't reuse\n",
3537 check->connection_id);
3539 if(check->recv_pipe->size > 0) {
3541 "BAD! Unconnected #%ld has a non-empty recv pipeline!\n",
3542 check->connection_id);
3549 #ifdef USE_UNIX_SOCKETS
3550 if(needle->unix_domain_socket) {
3551 if(!check->unix_domain_socket)
3553 if(strcmp(needle->unix_domain_socket, check->unix_domain_socket))
3555 if(needle->abstract_unix_socket != check->abstract_unix_socket)
3558 else if(check->unix_domain_socket)
3562 if((needle->handler->flags&PROTOPT_SSL) !=
3563 (check->handler->flags&PROTOPT_SSL))
3564 /* don't do mixed SSL and non-SSL connections */
3565 if(get_protocol_family(check->handler->protocol) !=
3566 needle->handler->protocol || !check->tls_upgraded)
3567 /* except protocols that have been upgraded via TLS */
3570 if(needle->bits.httpproxy != check->bits.httpproxy ||
3571 needle->bits.socksproxy != check->bits.socksproxy)
3574 if(needle->bits.socksproxy && !proxy_info_matches(&needle->socks_proxy,
3575 &check->socks_proxy))
3578 if(needle->bits.conn_to_host != check->bits.conn_to_host)
3579 /* don't mix connections that use the "connect to host" feature and
3580 * connections that don't use this feature */
3583 if(needle->bits.conn_to_port != check->bits.conn_to_port)
3584 /* don't mix connections that use the "connect to port" feature and
3585 * connections that don't use this feature */
3588 if(needle->bits.httpproxy) {
3589 if(!proxy_info_matches(&needle->http_proxy, &check->http_proxy))
3592 if(needle->bits.tunnel_proxy != check->bits.tunnel_proxy)
3595 if(needle->http_proxy.proxytype == CURLPROXY_HTTPS) {
3596 /* use https proxy */
3597 if(needle->handler->flags&PROTOPT_SSL) {
3598 /* use double layer ssl */
3599 if(!Curl_ssl_config_matches(&needle->proxy_ssl_config,
3600 &check->proxy_ssl_config))
3602 if(check->proxy_ssl[FIRSTSOCKET].state != ssl_connection_complete)
3606 if(!Curl_ssl_config_matches(&needle->ssl_config,
3607 &check->ssl_config))
3609 if(check->ssl[FIRSTSOCKET].state != ssl_connection_complete)
3615 if(!canPipeline && check->inuse)
3616 /* this request can't be pipelined but the checked connection is
3617 already in use so we skip it */
3620 if(needle->localdev || needle->localport) {
3621 /* If we are bound to a specific local end (IP+port), we must not
3622 re-use a random other one, although if we didn't ask for a
3623 particular one we can reuse one that was bound.
3625 This comparison is a bit rough and too strict. Since the input
3626 parameters can be specified in numerous ways and still end up the
3627 same it would take a lot of processing to make it really accurate.
3628 Instead, this matching will assume that re-uses of bound connections
3629 will most likely also re-use the exact same binding parameters and
3630 missing out a few edge cases shouldn't hurt anyone very much.
3632 if((check->localport != needle->localport) ||
3633 (check->localportrange != needle->localportrange) ||
3634 (needle->localdev &&
3635 (!check->localdev || strcmp(check->localdev, needle->localdev))))
3639 if(!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) {
3640 /* This protocol requires credentials per connection,
3641 so verify that we're using the same name and password as well */
3642 if(strcmp(needle->user, check->user) ||
3643 strcmp(needle->passwd, check->passwd)) {
3644 /* one of them was different */
3649 if(!needle->bits.httpproxy || (needle->handler->flags&PROTOPT_SSL) ||
3650 needle->bits.tunnel_proxy) {
3651 /* The requested connection does not use a HTTP proxy or it uses SSL or
3652 it is a non-SSL protocol tunneled or it is a non-SSL protocol which
3653 is allowed to be upgraded via TLS */
3655 if((strcasecompare(needle->handler->scheme, check->handler->scheme) ||
3656 (get_protocol_family(check->handler->protocol) ==
3657 needle->handler->protocol && check->tls_upgraded)) &&
3658 (!needle->bits.conn_to_host || strcasecompare(
3659 needle->conn_to_host.name, check->conn_to_host.name)) &&
3660 (!needle->bits.conn_to_port ||
3661 needle->conn_to_port == check->conn_to_port) &&
3662 strcasecompare(needle->host.name, check->host.name) &&
3663 needle->remote_port == check->remote_port) {
3664 /* The schemes match or the the protocol family is the same and the
3665 previous connection was TLS upgraded, and the hostname and host
3667 if(needle->handler->flags & PROTOPT_SSL) {
3668 /* This is a SSL connection so verify that we're using the same
3669 SSL options as well */
3670 if(!Curl_ssl_config_matches(&needle->ssl_config,
3671 &check->ssl_config)) {
3673 "Connection #%ld has different SSL parameters, "
3675 check->connection_id));
3678 else if(check->ssl[FIRSTSOCKET].state != ssl_connection_complete) {
3679 foundPendingCandidate = TRUE;
3681 "Connection #%ld has not started SSL connect, "
3683 check->connection_id));
3691 /* The requested connection is using the same HTTP proxy in normal
3692 mode (no tunneling) */
3697 #if defined(USE_NTLM)
3698 /* If we are looking for an HTTP+NTLM connection, check if this is
3699 already authenticating with the right credentials. If not, keep
3700 looking so that we can reuse NTLM connections if
3701 possible. (Especially we must not reuse the same connection if
3702 partway through a handshake!) */
3704 if(strcmp(needle->user, check->user) ||
3705 strcmp(needle->passwd, check->passwd))
3708 else if(check->ntlm.state != NTLMSTATE_NONE) {
3709 /* Connection is using NTLM auth but we don't want NTLM */
3713 /* Same for Proxy NTLM authentication */
3714 if(wantProxyNTLMhttp) {
3715 /* Both check->http_proxy.user and check->http_proxy.passwd can be
3717 if(!check->http_proxy.user || !check->http_proxy.passwd)
3720 if(strcmp(needle->http_proxy.user, check->http_proxy.user) ||
3721 strcmp(needle->http_proxy.passwd, check->http_proxy.passwd))
3724 else if(check->proxyntlm.state != NTLMSTATE_NONE) {
3725 /* Proxy connection is using NTLM auth but we don't want NTLM */
3729 if(wantNTLMhttp || wantProxyNTLMhttp) {
3730 /* Credentials are already checked, we can use this connection */
3734 (check->ntlm.state != NTLMSTATE_NONE)) ||
3735 (wantProxyNTLMhttp &&
3736 (check->proxyntlm.state != NTLMSTATE_NONE))) {
3737 /* We must use this connection, no other */
3738 *force_reuse = TRUE;
3742 /* Continue look up for a better connection */
3747 /* We can pipeline if we want to. Let's continue looking for
3748 the optimal connection to use, i.e the shortest pipe that is not
3752 /* We have the optimal connection. Let's stop looking. */
3757 /* We can't use the connection if the pipe is full */
3758 if(max_pipe_len && (pipeLen >= max_pipe_len)) {
3759 infof(data, "Pipe is full, skip (%zu)\n", pipeLen);
3763 /* If multiplexed, make sure we don't go over concurrency limit */
3764 if(check->bits.multiplex) {
3765 /* Multiplexed connections can only be HTTP/2 for now */
3766 struct http_conn *httpc = &check->proto.httpc;
3767 if(pipeLen >= httpc->settings.max_concurrent_streams) {
3768 infof(data, "MAX_CONCURRENT_STREAMS reached, skip (%zu)\n",
3774 /* We can't use the connection if the pipe is penalized */
3775 if(Curl_pipeline_penalized(data, check)) {
3776 infof(data, "Penalized, skip\n");
3781 if(pipeLen < best_pipe_len) {
3782 /* This connection has a shorter pipe so far. We'll pick this
3783 and continue searching */
3785 best_pipe_len = pipeLen;
3790 /* When not pipelining (== multiplexed), we have a match here! */
3792 infof(data, "Multiplexed connection found!\n");
3797 /* We have found a connection. Let's stop searching. */
3807 return TRUE; /* yes, we found one to use! */
3810 if(foundPendingCandidate && data->set.pipewait) {
3812 "Found pending candidate for reuse and CURLOPT_PIPEWAIT is set\n");
3816 return FALSE; /* no matching connecting exists */
3819 /* after a TCP connection to the proxy has been verified, this function does
3820 the next magic step.
3822 Note: this function's sub-functions call failf()
3825 CURLcode Curl_connected_proxy(struct connectdata *conn, int sockindex)
3827 CURLcode result = CURLE_OK;
3829 if(conn->bits.socksproxy) {
3830 #ifndef CURL_DISABLE_PROXY
3831 /* for the secondary socket (FTP), use the "connect to host"
3832 * but ignore the "connect to port" (use the secondary port)
3834 const char * const host = conn->bits.httpproxy ?
3835 conn->http_proxy.host.name :
3836 conn->bits.conn_to_host ?
3837 conn->conn_to_host.name :
3838 sockindex == SECONDARYSOCKET ?
3839 conn->secondaryhostname : conn->host.name;
3840 const int port = conn->bits.httpproxy ? (int)conn->http_proxy.port :
3841 sockindex == SECONDARYSOCKET ? conn->secondary_port :
3842 conn->bits.conn_to_port ? conn->conn_to_port :
3844 conn->bits.socksproxy_connecting = TRUE;
3845 switch(conn->socks_proxy.proxytype) {
3846 case CURLPROXY_SOCKS5:
3847 case CURLPROXY_SOCKS5_HOSTNAME:
3848 result = Curl_SOCKS5(conn->socks_proxy.user, conn->socks_proxy.passwd,
3849 host, port, sockindex, conn);
3852 case CURLPROXY_SOCKS4:
3853 case CURLPROXY_SOCKS4A:
3854 result = Curl_SOCKS4(conn->socks_proxy.user, host, port, sockindex,
3859 failf(conn->data, "unknown proxytype option given");
3860 result = CURLE_COULDNT_CONNECT;
3861 } /* switch proxytype */
3862 conn->bits.socksproxy_connecting = FALSE;
3865 #endif /* CURL_DISABLE_PROXY */
3872 * verboseconnect() displays verbose information after a connect
3874 #ifndef CURL_DISABLE_VERBOSE_STRINGS
3875 void Curl_verboseconnect(struct connectdata *conn)
3877 if(conn->data->set.verbose)
3878 infof(conn->data, "Connected to %s (%s) port %ld (#%ld)\n",
3879 conn->bits.socksproxy ? conn->socks_proxy.host.dispname :
3880 conn->bits.httpproxy ? conn->http_proxy.host.dispname :
3881 conn->bits.conn_to_host ? conn->conn_to_host.dispname :
3882 conn->host.dispname,
3883 conn->ip_addr_str, conn->port, conn->connection_id);
3887 int Curl_protocol_getsock(struct connectdata *conn,
3888 curl_socket_t *socks,
3891 if(conn->handler->proto_getsock)
3892 return conn->handler->proto_getsock(conn, socks, numsocks);
3893 return GETSOCK_BLANK;
3896 int Curl_doing_getsock(struct connectdata *conn,
3897 curl_socket_t *socks,
3900 if(conn && conn->handler->doing_getsock)
3901 return conn->handler->doing_getsock(conn, socks, numsocks);
3902 return GETSOCK_BLANK;
3906 * We are doing protocol-specific connecting and this is being called over and
3907 * over from the multi interface until the connection phase is done on
3911 CURLcode Curl_protocol_connecting(struct connectdata *conn,
3914 CURLcode result=CURLE_OK;
3916 if(conn && conn->handler->connecting) {
3918 result = conn->handler->connecting(conn, done);
3927 * We are DOING this is being called over and over from the multi interface
3928 * until the DOING phase is done on protocol layer.
3931 CURLcode Curl_protocol_doing(struct connectdata *conn, bool *done)
3933 CURLcode result=CURLE_OK;
3935 if(conn && conn->handler->doing) {
3937 result = conn->handler->doing(conn, done);
3946 * We have discovered that the TCP connection has been successful, we can now
3947 * proceed with some action.
3950 CURLcode Curl_protocol_connect(struct connectdata *conn,
3951 bool *protocol_done)
3953 CURLcode result=CURLE_OK;
3955 *protocol_done = FALSE;
3957 if(conn->bits.tcpconnect[FIRSTSOCKET] && conn->bits.protoconnstart) {
3958 /* We already are connected, get back. This may happen when the connect
3959 worked fine in the first call, like when we connect to a local server
3960 or proxy. Note that we don't know if the protocol is actually done.
3962 Unless this protocol doesn't have any protocol-connect callback, as
3963 then we know we're done. */
3964 if(!conn->handler->connecting)
3965 *protocol_done = TRUE;
3970 if(!conn->bits.protoconnstart) {
3972 result = Curl_proxy_connect(conn, FIRSTSOCKET);
3976 if(CONNECT_FIRSTSOCKET_PROXY_SSL())
3977 /* wait for HTTPS proxy SSL initialization to complete */
3980 if(conn->bits.tunnel_proxy && conn->bits.httpproxy &&
3981 (conn->tunnel_state[FIRSTSOCKET] != TUNNEL_COMPLETE))
3982 /* when using an HTTP tunnel proxy, await complete tunnel establishment
3983 before proceeding further. Return CURLE_OK so we'll be called again */
3986 if(conn->handler->connect_it) {
3987 /* is there a protocol-specific connect() procedure? */
3989 /* Call the protocol-specific connect function */
3990 result = conn->handler->connect_it(conn, protocol_done);
3993 *protocol_done = TRUE;
3995 /* it has started, possibly even completed but that knowledge isn't stored
3998 conn->bits.protoconnstart = TRUE;
4001 return result; /* pass back status */
4005 * Helpers for IDNA convertions.
4007 static bool is_ASCII_name(const char *hostname)
4009 const unsigned char *ch = (const unsigned char *)hostname;
4019 * Perform any necessary IDN conversion of hostname
4021 static void fix_hostname(struct connectdata *conn, struct hostname *host)
4024 struct Curl_easy *data = conn->data;
4029 #elif defined(CURL_DISABLE_VERBOSE_STRINGS)
4033 /* set the name we use to display the host name */
4034 host->dispname = host->name;
4036 len = strlen(host->name);
4037 if(len && (host->name[len-1] == '.'))
4038 /* strip off a single trailing dot if present, primarily for SNI but
4039 there's no use for it */
4040 host->name[len-1]=0;
4042 /* Check name for non-ASCII and convert hostname to ACE form if we can */
4043 if(!is_ASCII_name(host->name)) {
4045 if(idn2_check_version(IDN2_VERSION)) {
4046 char *ace_hostname = NULL;
4047 #if IDN2_VERSION_NUMBER >= 0x00140000
4048 /* IDN2_NFC_INPUT: Normalize input string using normalization form C.
4049 IDN2_NONTRANSITIONAL: Perform Unicode TR46 non-transitional
4051 int flags = IDN2_NFC_INPUT | IDN2_NONTRANSITIONAL;
4053 int flags = IDN2_NFC_INPUT;
4055 int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, flags);
4057 host->encalloc = (char *)ace_hostname;
4058 /* change the name pointer to point to the encoded hostname */
4059 host->name = host->encalloc;
4062 infof(data, "Failed to convert %s to ACE; %s\n", host->name,
4065 #elif defined(USE_WIN32_IDN)
4066 char *ace_hostname = NULL;
4068 if(curl_win32_idn_to_ascii(host->name, &ace_hostname)) {
4069 host->encalloc = ace_hostname;
4070 /* change the name pointer to point to the encoded hostname */
4071 host->name = host->encalloc;
4074 infof(data, "Failed to convert %s to ACE;\n", host->name);
4076 infof(data, "IDN support not present, can't parse Unicode domains\n");
4082 * Frees data allocated by fix_hostname()
4084 static void free_fixed_hostname(struct hostname *host)
4086 #if defined(USE_LIBIDN2)
4087 if(host->encalloc) {
4088 idn2_free(host->encalloc); /* must be freed with idn2_free() since this was
4089 allocated by libidn */
4090 host->encalloc = NULL;
4092 #elif defined(USE_WIN32_IDN)
4093 free(host->encalloc); /* must be freed withidn_free() since this was
4094 allocated by curl_win32_idn_to_ascii */
4095 host->encalloc = NULL;
4101 static void llist_dtor(void *user, void *element)
4109 * Allocate and initialize a new connectdata object.
4111 static struct connectdata *allocate_conn(struct Curl_easy *data)
4113 struct connectdata *conn = calloc(1, sizeof(struct connectdata));
4117 conn->handler = &Curl_handler_dummy; /* Be sure we have a handler defined
4118 already from start to avoid NULL
4119 situations and checks */
4121 /* and we setup a few fields in case we end up actually using this struct */
4123 conn->sock[FIRSTSOCKET] = CURL_SOCKET_BAD; /* no file descriptor */
4124 conn->sock[SECONDARYSOCKET] = CURL_SOCKET_BAD; /* no file descriptor */
4125 conn->tempsock[0] = CURL_SOCKET_BAD; /* no file descriptor */
4126 conn->tempsock[1] = CURL_SOCKET_BAD; /* no file descriptor */
4127 conn->connection_id = -1; /* no ID */
4128 conn->port = -1; /* unknown at this point */
4129 conn->remote_port = -1; /* unknown at this point */
4130 #if defined(USE_RECV_BEFORE_SEND_WORKAROUND) && defined(DEBUGBUILD)
4131 conn->postponed[0].bindsock = CURL_SOCKET_BAD; /* no file descriptor */
4132 conn->postponed[1].bindsock = CURL_SOCKET_BAD; /* no file descriptor */
4133 #endif /* USE_RECV_BEFORE_SEND_WORKAROUND && DEBUGBUILD */
4135 /* Default protocol-independent behavior doesn't support persistent
4136 connections, so we set this to force-close. Protocols that support
4137 this need to set this to FALSE in their "curl_do" functions. */
4138 connclose(conn, "Default to force-close");
4140 /* Store creation time to help future close decision making */
4141 conn->created = Curl_tvnow();
4143 conn->data = data; /* Setup the association between this connection
4144 and the Curl_easy */
4146 conn->http_proxy.proxytype = data->set.proxytype;
4147 conn->socks_proxy.proxytype = CURLPROXY_SOCKS4;
4149 #ifdef CURL_DISABLE_PROXY
4151 conn->bits.proxy = FALSE;
4152 conn->bits.httpproxy = FALSE;
4153 conn->bits.socksproxy = FALSE;
4154 conn->bits.proxy_user_passwd = FALSE;
4155 conn->bits.tunnel_proxy = FALSE;
4157 #else /* CURL_DISABLE_PROXY */
4159 /* note that these two proxy bits are now just on what looks to be
4160 requested, they may be altered down the road */
4161 conn->bits.proxy = (data->set.str[STRING_PROXY] &&
4162 *data->set.str[STRING_PROXY]) ? TRUE : FALSE;
4163 conn->bits.httpproxy = (conn->bits.proxy &&
4164 (conn->http_proxy.proxytype == CURLPROXY_HTTP ||
4165 conn->http_proxy.proxytype == CURLPROXY_HTTP_1_0 ||
4166 conn->http_proxy.proxytype == CURLPROXY_HTTPS)) ?
4168 conn->bits.socksproxy = (conn->bits.proxy &&
4169 !conn->bits.httpproxy) ? TRUE : FALSE;
4171 if(data->set.str[STRING_PRE_PROXY] && *data->set.str[STRING_PRE_PROXY]) {
4172 conn->bits.proxy = TRUE;
4173 conn->bits.socksproxy = TRUE;
4176 conn->bits.proxy_user_passwd =
4177 (data->set.str[STRING_PROXYUSERNAME]) ? TRUE : FALSE;
4178 conn->bits.tunnel_proxy = data->set.tunnel_thru_httpproxy;
4180 #endif /* CURL_DISABLE_PROXY */
4182 conn->bits.user_passwd = (data->set.str[STRING_USERNAME]) ? TRUE : FALSE;
4183 conn->bits.ftp_use_epsv = data->set.ftp_use_epsv;
4184 conn->bits.ftp_use_eprt = data->set.ftp_use_eprt;
4186 conn->ssl_config.verifystatus = data->set.ssl.primary.verifystatus;
4187 conn->ssl_config.verifypeer = data->set.ssl.primary.verifypeer;
4188 conn->ssl_config.verifyhost = data->set.ssl.primary.verifyhost;
4189 conn->proxy_ssl_config.verifystatus =
4190 data->set.proxy_ssl.primary.verifystatus;
4191 conn->proxy_ssl_config.verifypeer = data->set.proxy_ssl.primary.verifypeer;
4192 conn->proxy_ssl_config.verifyhost = data->set.proxy_ssl.primary.verifyhost;
4194 conn->ip_version = data->set.ipver;
4196 #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \
4197 defined(NTLM_WB_ENABLED)
4198 conn->ntlm_auth_hlpr_socket = CURL_SOCKET_BAD;
4199 conn->ntlm_auth_hlpr_pid = 0;
4200 conn->challenge_header = NULL;
4201 conn->response_header = NULL;
4204 if(Curl_pipeline_wanted(data->multi, CURLPIPE_HTTP1) &&
4205 !conn->master_buffer) {
4206 /* Allocate master_buffer to be used for HTTP/1 pipelining */
4207 conn->master_buffer = calloc(BUFSIZE, sizeof(char));
4208 if(!conn->master_buffer)
4212 /* Initialize the pipeline lists */
4213 conn->send_pipe = Curl_llist_alloc((curl_llist_dtor) llist_dtor);
4214 conn->recv_pipe = Curl_llist_alloc((curl_llist_dtor) llist_dtor);
4215 if(!conn->send_pipe || !conn->recv_pipe)
4219 conn->data_prot = PROT_CLEAR;
4222 /* Store the local bind parameters that will be used for this connection */
4223 if(data->set.str[STRING_DEVICE]) {
4224 conn->localdev = strdup(data->set.str[STRING_DEVICE]);
4228 conn->localportrange = data->set.localportrange;
4229 conn->localport = data->set.localport;
4231 /* the close socket stuff needs to be copied to the connection struct as
4232 it may live on without (this specific) Curl_easy */
4233 conn->fclosesocket = data->set.fclosesocket;
4234 conn->closesocket_client = data->set.closesocket_client;
4239 Curl_llist_destroy(conn->send_pipe, NULL);
4240 Curl_llist_destroy(conn->recv_pipe, NULL);
4242 conn->send_pipe = NULL;
4243 conn->recv_pipe = NULL;
4245 free(conn->master_buffer);
4246 free(conn->localdev);
4251 static CURLcode findprotocol(struct Curl_easy *data,
4252 struct connectdata *conn,
4253 const char *protostr)
4255 const struct Curl_handler * const *pp;
4256 const struct Curl_handler *p;
4258 /* Scan protocol handler table and match against 'protostr' to set a few
4259 variables based on the URL. Now that the handler may be changed later
4260 when the protocol specific setup function is called. */
4261 for(pp = protocols; (p = *pp) != NULL; pp++) {
4262 if(strcasecompare(p->scheme, protostr)) {
4263 /* Protocol found in table. Check if allowed */
4264 if(!(data->set.allowed_protocols & p->protocol))
4268 /* it is allowed for "normal" request, now do an extra check if this is
4269 the result of a redirect */
4270 if(data->state.this_is_a_follow &&
4271 !(data->set.redir_protocols & p->protocol))
4275 /* Perform setup complement if some. */
4276 conn->handler = conn->given = p;
4278 /* 'port' and 'remote_port' are set in setup_connection_internals() */
4284 /* The protocol was not found in the table, but we don't have to assign it
4285 to anything since it is already assigned to a dummy-struct in the
4286 create_conn() function when the connectdata struct is allocated. */
4287 failf(data, "Protocol \"%s\" not supported or disabled in " LIBCURL_NAME,
4290 return CURLE_UNSUPPORTED_PROTOCOL;
4294 * Parse URL and fill in the relevant members of the connection struct.
4296 static CURLcode parseurlandfillconn(struct Curl_easy *data,
4297 struct connectdata *conn,
4299 char **userp, char **passwdp,
4304 char *path = data->state.path;
4308 const char *protop = "";
4310 bool rebuild_url = FALSE;
4311 bool url_has_scheme = FALSE;
4314 *prot_missing = FALSE;
4316 /* We might pass the entire URL into the request so we need to make sure
4317 * there are no bad characters in there.*/
4318 if(strpbrk(data->change.url, "\r\n")) {
4319 failf(data, "Illegal characters found in URL");
4320 return CURLE_URL_MALFORMAT;
4323 /*************************************************************
4326 * We need to parse the url even when using the proxy, because we will need
4327 * the hostname and port in case we are trying to SSL connect through the
4328 * proxy -- and we don't know if we will need to use SSL until we parse the
4330 ************************************************************/
4331 if(data->change.url[0] == ':') {
4332 failf(data, "Bad URL, colon is first character");
4333 return CURLE_URL_MALFORMAT;
4336 /* Make sure we don't mistake a drive letter for a scheme, for example:
4337 curld --proto-default file c:/foo/bar.txt */
4338 if((('a' <= data->change.url[0] && data->change.url[0] <= 'z') ||
4339 ('A' <= data->change.url[0] && data->change.url[0] <= 'Z')) &&
4340 data->change.url[1] == ':' && data->set.str[STRING_DEFAULT_PROTOCOL] &&
4341 strcasecompare(data->set.str[STRING_DEFAULT_PROTOCOL], "file")) {
4344 else { /* check for a scheme */
4345 for(i = 0; i < 16 && data->change.url[i]; ++i) {
4346 if(data->change.url[i] == '/')
4348 if(data->change.url[i] == ':') {
4349 url_has_scheme = TRUE;
4355 /* handle the file: scheme */
4356 if((url_has_scheme && strncasecompare(data->change.url, "file:", 5)) ||
4357 (!url_has_scheme && data->set.str[STRING_DEFAULT_PROTOCOL] &&
4358 strcasecompare(data->set.str[STRING_DEFAULT_PROTOCOL], "file"))) {
4359 bool path_has_drive = FALSE;
4362 rc = sscanf(data->change.url, "%*15[^\n/:]:%[^\n]", path);
4364 rc = sscanf(data->change.url, "%[^\n]", path);
4367 failf(data, "Bad URL");
4368 return CURLE_URL_MALFORMAT;
4371 if(url_has_scheme && path[0] == '/' && path[1] == '/') {
4372 /* Allow omitted hostname (e.g. file:/<path>). This is not strictly
4373 * speaking a valid file: URL by RFC 1738, but treating file:/<path> as
4374 * file://localhost/<path> is similar to how other schemes treat missing
4375 * hostnames. See RFC 1808. */
4377 /* This cannot be done with strcpy() in a portable manner, since the
4378 memory areas overlap! */
4379 memmove(path, path + 2, strlen(path + 2)+1);
4382 /* the path may start with a drive letter. for backwards compatibility
4383 we skip some processing on those paths. */
4384 path_has_drive = (('a' <= path[0] && path[0] <= 'z') ||
4385 ('A' <= path[0] && path[0] <= 'Z')) && path[1] == ':';
4388 * we deal with file://<host>/<path> differently since it supports no
4389 * hostname other than "localhost" and "127.0.0.1", which is unique among
4390 * the URL protocols specified in RFC 1738
4392 if(path[0] != '/' && !path_has_drive) {
4393 /* the URL includes a host name, it must match "localhost" or
4394 "127.0.0.1" to be valid */
4396 if(!checkprefix("localhost/", path) &&
4397 !checkprefix("127.0.0.1/", path)) {
4398 failf(data, "Invalid file://hostname/, "
4399 "expected localhost or 127.0.0.1 or none");
4400 return CURLE_URL_MALFORMAT;
4402 ptr = &path[9]; /* now points to the slash after the host */
4404 /* there was a host name and slash present
4406 RFC1738 (section 3.1, page 5) says:
4408 The rest of the locator consists of data specific to the scheme,
4409 and is known as the "url-path". It supplies the details of how the
4410 specified resource can be accessed. Note that the "/" between the
4411 host (or port) and the url-path is NOT part of the url-path.
4413 As most agents use file://localhost/foo to get '/foo' although the
4414 slash preceding foo is a separator and not a slash for the path,
4415 a URL as file://localhost//foo must be valid as well, to refer to
4416 the same file with an absolute path.
4420 /* if there was two slashes, we skip the first one as that is then
4421 used truly as a separator */
4424 /* This cannot be made with strcpy, as the memory chunks overlap! */
4425 memmove(path, ptr, strlen(ptr)+1);
4427 path_has_drive = (('a' <= path[0] && path[0] <= 'z') ||
4428 ('A' <= path[0] && path[0] <= 'Z')) && path[1] == ':';
4431 #if !defined(MSDOS) && !defined(WIN32) && !defined(__CYGWIN__)
4432 if(path_has_drive) {
4433 failf(data, "File drive letters are only accepted in MSDOS/Windows.");
4434 return CURLE_URL_MALFORMAT;
4438 protop = "file"; /* protocol string */
4445 rc = sscanf(data->change.url,
4446 "%15[^\n/:]:%3[/]%[^\n/?#]%[^\n]",
4447 protobuf, slashbuf, conn->host.name, path);
4449 failf(data, "Bad URL");
4450 return CURLE_URL_MALFORMAT;
4455 * The URL was badly formatted, let's try the browser-style _without_
4456 * protocol specified like 'http://'.
4458 rc = sscanf(data->change.url, "%[^\n/?#]%[^\n]", conn->host.name, path);
4461 * We couldn't even get this format.
4462 * djgpp 2.04 has a sscanf() bug where 'conn->host.name' is
4463 * assigned, but the return value is EOF!
4465 #if defined(__DJGPP__) && (DJGPP_MINOR == 4)
4466 if(!(rc == -1 && *conn->host.name))
4469 failf(data, "<url> malformed");
4470 return CURLE_URL_MALFORMAT;
4475 * Since there was no protocol part specified in the URL use the
4476 * user-specified default protocol. If we weren't given a default make a
4477 * guess by matching some protocols against the host's outermost
4478 * sub-domain name. Finally if there was no match use HTTP.
4481 protop = data->set.str[STRING_DEFAULT_PROTOCOL];
4483 /* Note: if you add a new protocol, please update the list in
4484 * lib/version.c too! */
4485 if(checkprefix("FTP.", conn->host.name))
4487 else if(checkprefix("DICT.", conn->host.name))
4489 else if(checkprefix("LDAP.", conn->host.name))
4491 else if(checkprefix("IMAP.", conn->host.name))
4493 else if(checkprefix("SMTP.", conn->host.name))
4495 else if(checkprefix("POP3.", conn->host.name))
4501 *prot_missing = TRUE; /* not given in URL */
4504 size_t s = strlen(slashbuf);
4507 infof(data, "Unwillingly accepted illegal URL using %d slash%s!\n",
4510 if(data->change.url_alloc)
4511 free(data->change.url);
4512 /* repair the URL to use two slashes */
4513 data->change.url = aprintf("%s://%s%s",
4514 protobuf, conn->host.name, path);
4515 if(!data->change.url)
4516 return CURLE_OUT_OF_MEMORY;
4517 data->change.url_alloc = TRUE;
4522 /* We search for '?' in the host name (but only on the right side of a
4523 * @-letter to allow ?-letters in username and password) to handle things
4524 * like http://example.com?param= (notice the missing '/').
4526 at = strchr(conn->host.name, '@');
4528 query = strchr(at+1, '?');
4530 query = strchr(conn->host.name, '?');
4533 /* We must insert a slash before the '?'-letter in the URL. If the URL had
4534 a slash after the '?', that is where the path currently begins and the
4535 '?string' is still part of the host name.
4537 We must move the trailing part from the host name and put it first in
4538 the path. And have it all prefixed with a slash.
4541 size_t hostlen = strlen(query);
4542 size_t pathlen = strlen(path);
4544 /* move the existing path plus the zero byte forward, to make room for
4545 the host-name part */
4546 memmove(path+hostlen+1, path, pathlen+1);
4548 /* now copy the trailing host part in front of the existing path */
4549 memcpy(path+1, query, hostlen);
4551 path[0]='/'; /* prepend the missing slash */
4554 *query=0; /* now cut off the hostname at the ? */
4557 /* if there's no path set, use a single slash */
4562 /* If the URL is malformatted (missing a '/' after hostname before path) we
4563 * insert a slash here. The only letters except '/' that can start a path is
4564 * '?' and '#' - as controlled by the two sscanf() patterns above.
4566 if(path[0] != '/') {
4567 /* We need this function to deal with overlapping memory areas. We know
4568 that the memory area 'path' points to is 'urllen' bytes big and that
4569 is bigger than the path. Use +1 to move the zero byte too. */
4570 memmove(&path[1], path, strlen(path)+1);
4574 else if(!data->set.path_as_is) {
4575 /* sanitise paths and remove ../ and ./ sequences according to RFC3986 */
4576 char *newp = Curl_dedotdotify(path);
4578 return CURLE_OUT_OF_MEMORY;
4580 if(strcmp(newp, path)) {
4582 free(data->state.pathbuffer);
4583 data->state.pathbuffer = newp;
4584 data->state.path = newp;
4592 * "rebuild_url" means that one or more URL components have been modified so
4593 * we need to generate an updated full version. We need the corrected URL
4594 * when communicating over HTTP proxy and we don't know at this point if
4595 * we're using a proxy or not.
4600 size_t plen = strlen(path); /* new path, should be 1 byte longer than
4602 size_t urllen = strlen(data->change.url); /* original URL length */
4604 size_t prefixlen = strlen(conn->host.name);
4607 prefixlen += strlen(protop) + strlen("://");
4609 reurl = malloc(urllen + 2); /* 2 for zerobyte + slash */
4611 return CURLE_OUT_OF_MEMORY;
4613 /* copy the prefix */
4614 memcpy(reurl, data->change.url, prefixlen);
4616 /* append the trailing piece + zerobyte */
4617 memcpy(&reurl[prefixlen], path, plen + 1);
4619 /* possible free the old one */
4620 if(data->change.url_alloc) {
4621 Curl_safefree(data->change.url);
4622 data->change.url_alloc = FALSE;
4625 infof(data, "Rebuilt URL to: %s\n", reurl);
4627 data->change.url = reurl;
4628 data->change.url_alloc = TRUE; /* free this later */
4631 result = findprotocol(data, conn, protop);
4636 * Parse the login details from the URL and strip them out of
4639 result = parse_url_login(data, conn, userp, passwdp, optionsp);
4643 if(conn->host.name[0] == '[') {
4644 /* This looks like an IPv6 address literal. See if there is an address
4645 scope if there is no location header */
4646 char *percent = strchr(conn->host.name, '%');
4648 unsigned int identifier_offset = 3;
4650 unsigned long scope;
4651 if(strncmp("%25", percent, 3) != 0) {
4653 "Please URL encode %% as %%25, see RFC 6874.\n");
4654 identifier_offset = 1;
4656 scope = strtoul(percent + identifier_offset, &endp, 10);
4658 /* The address scope was well formed. Knock it out of the
4660 memmove(percent, endp, strlen(endp)+1);
4661 conn->scope_id = (unsigned int)scope;
4664 /* Zone identifier is not numeric */
4665 #if defined(HAVE_NET_IF_H) && defined(IFNAMSIZ) && defined(HAVE_IF_NAMETOINDEX)
4666 char ifname[IFNAMSIZ + 2];
4667 char *square_bracket;
4668 unsigned int scopeidx = 0;
4669 strncpy(ifname, percent + identifier_offset, IFNAMSIZ + 2);
4670 /* Ensure nullbyte termination */
4671 ifname[IFNAMSIZ + 1] = '\0';
4672 square_bracket = strchr(ifname, ']');
4673 if(square_bracket) {
4675 *square_bracket = '\0';
4676 scopeidx = if_nametoindex(ifname);
4678 infof(data, "Invalid network interface: %s; %s\n", ifname,
4683 char *p = percent + identifier_offset + strlen(ifname);
4685 /* Remove zone identifier from hostname */
4686 memmove(percent, p, strlen(p) + 1);
4687 conn->scope_id = scopeidx;
4690 #endif /* HAVE_NET_IF_H && IFNAMSIZ */
4691 infof(data, "Invalid IPv6 address format\n");
4696 if(data->set.scope_id)
4697 /* Override any scope that was set above. */
4698 conn->scope_id = data->set.scope_id;
4700 /* Remove the fragment part of the path. Per RFC 2396, this is always the
4701 last part of the URI. We are looking for the first '#' so that we deal
4702 gracefully with non conformant URI such as http://example.com#foo#bar. */
4703 fragment = strchr(path, '#');
4707 /* we know the path part ended with a fragment, so we know the full URL
4708 string does too and we need to cut it off from there so it isn't used
4710 fragment = strchr(data->change.url, '#');
4716 * So if the URL was A://B/C#D,
4718 * conn->host.name is B
4719 * data->state.path is /C
4725 * If we're doing a resumed transfer, we need to setup our stuff
4728 static CURLcode setup_range(struct Curl_easy *data)
4730 struct UrlState *s = &data->state;
4731 s->resume_from = data->set.set_resume_from;
4732 if(s->resume_from || data->set.str[STRING_SET_RANGE]) {
4733 if(s->rangestringalloc)
4737 s->range = aprintf("%" CURL_FORMAT_CURL_OFF_TU "-", s->resume_from);
4739 s->range = strdup(data->set.str[STRING_SET_RANGE]);
4741 s->rangestringalloc = (s->range) ? TRUE : FALSE;
4744 return CURLE_OUT_OF_MEMORY;
4746 /* tell ourselves to fetch this range */
4747 s->use_range = TRUE; /* enable range download */
4750 s->use_range = FALSE; /* disable range download */
4757 * setup_connection_internals() -
4759 * Setup connection internals specific to the requested protocol in the
4760 * Curl_easy. This is inited and setup before the connection is made but
4761 * is about the particular protocol that is to be used.
4763 * This MUST get called after proxy magic has been figured out.
4765 static CURLcode setup_connection_internals(struct connectdata *conn)
4767 const struct Curl_handler * p;
4769 struct Curl_easy *data = conn->data;
4771 /* in some case in the multi state-machine, we go back to the CONNECT state
4772 and then a second (or third or...) call to this function will be made
4773 without doing a DISCONNECT or DONE in between (since the connection is
4774 yet in place) and therefore this function needs to first make sure
4775 there's no lingering previous data allocated. */
4776 Curl_free_request_state(data);
4778 memset(&data->req, 0, sizeof(struct SingleRequest));
4779 data->req.maxdownload = -1;
4781 conn->socktype = SOCK_STREAM; /* most of them are TCP streams */
4783 /* Perform setup complement if some. */
4786 if(p->setup_connection) {
4787 result = (*p->setup_connection)(conn);
4792 p = conn->handler; /* May have changed. */
4796 /* we check for -1 here since if proxy was detected already, this
4797 was very likely already set to the proxy port */
4798 conn->port = p->defport;
4804 * Curl_free_request_state() should free temp data that was allocated in the
4805 * Curl_easy for this single request.
4808 void Curl_free_request_state(struct Curl_easy *data)
4810 Curl_safefree(data->req.protop);
4811 Curl_safefree(data->req.newurl);
4815 #ifndef CURL_DISABLE_PROXY
4816 /****************************************************************
4817 * Checks if the host is in the noproxy list. returns true if it matches
4818 * and therefore the proxy should NOT be used.
4819 ****************************************************************/
4820 static bool check_noproxy(const char *name, const char *no_proxy)
4822 /* no_proxy=domain1.dom,host.domain2.dom
4823 * (a comma-separated list of hosts which should
4824 * not be proxied, or an asterisk to override
4825 * all proxy variables)
4829 const char *separator = ", ";
4830 size_t no_proxy_len;
4834 if(no_proxy && no_proxy[0]) {
4835 if(strcasecompare("*", no_proxy)) {
4839 /* NO_PROXY was specified and it wasn't just an asterisk */
4841 no_proxy_len = strlen(no_proxy);
4842 endptr = strchr(name, ':');
4844 namelen = endptr - name;
4846 namelen = strlen(name);
4848 for(tok_start = 0; tok_start < no_proxy_len; tok_start = tok_end + 1) {
4849 while(tok_start < no_proxy_len &&
4850 strchr(separator, no_proxy[tok_start]) != NULL) {
4851 /* Look for the beginning of the token. */
4855 if(tok_start == no_proxy_len)
4856 break; /* It was all trailing separator chars, no more tokens. */
4858 for(tok_end = tok_start; tok_end < no_proxy_len &&
4859 strchr(separator, no_proxy[tok_end]) == NULL; ++tok_end)
4860 /* Look for the end of the token. */
4863 /* To match previous behaviour, where it was necessary to specify
4864 * ".local.com" to prevent matching "notlocal.com", we will leave
4867 if(no_proxy[tok_start] == '.')
4870 if((tok_end - tok_start) <= namelen) {
4871 /* Match the last part of the name to the domain we are checking. */
4872 const char *checkn = name + namelen - (tok_end - tok_start);
4873 if(strncasecompare(no_proxy + tok_start, checkn,
4874 tok_end - tok_start)) {
4875 if((tok_end - tok_start) == namelen || *(checkn - 1) == '.') {
4876 /* We either have an exact match, or the previous character is a .
4877 * so it is within the same domain, so no proxy for this host.
4882 } /* if((tok_end - tok_start) <= namelen) */
4883 } /* for(tok_start = 0; tok_start < no_proxy_len;
4884 tok_start = tok_end + 1) */
4885 } /* NO_PROXY was specified and it wasn't just an asterisk */
4890 /****************************************************************
4891 * Detect what (if any) proxy to use. Remember that this selects a host
4892 * name and is not limited to HTTP proxies only.
4893 * The returned pointer must be freed by the caller (unless NULL)
4894 ****************************************************************/
4895 static char *detect_proxy(struct connectdata *conn)
4899 /* If proxy was not specified, we check for default proxy environment
4900 * variables, to enable i.e Lynx compliance:
4902 * http_proxy=http://some.server.dom:port/
4903 * https_proxy=http://some.server.dom:port/
4904 * ftp_proxy=http://some.server.dom:port/
4905 * no_proxy=domain1.dom,host.domain2.dom
4906 * (a comma-separated list of hosts which should
4907 * not be proxied, or an asterisk to override
4908 * all proxy variables)
4909 * all_proxy=http://some.server.dom:port/
4910 * (seems to exist for the CERN www lib. Probably
4911 * the first to check for.)
4913 * For compatibility, the all-uppercase versions of these variables are
4914 * checked if the lowercase versions don't exist.
4916 char proxy_env[128];
4917 const char *protop = conn->handler->scheme;
4918 char *envp = proxy_env;
4921 /* Now, build <protocol>_proxy and check for such a one to use */
4923 *envp++ = (char)tolower((int)*protop++);
4926 strcpy(envp, "_proxy");
4928 /* read the protocol proxy: */
4929 prox=curl_getenv(proxy_env);
4932 * We don't try the uppercase version of HTTP_PROXY because of
4935 * When curl is used in a webserver application
4936 * environment (cgi or php), this environment variable can
4937 * be controlled by the web server user by setting the
4938 * http header 'Proxy:' to some value.
4940 * This can cause 'internal' http/ftp requests to be
4941 * arbitrarily redirected by any external attacker.
4943 if(!prox && !strcasecompare("http_proxy", proxy_env)) {
4944 /* There was no lowercase variable, try the uppercase version: */
4945 Curl_strntoupper(proxy_env, proxy_env, sizeof(proxy_env));
4946 prox=curl_getenv(proxy_env);
4950 proxy = prox; /* use this */
4952 proxy = curl_getenv("all_proxy"); /* default proxy to use */
4954 proxy=curl_getenv("ALL_PROXY");
4961 * If this is supposed to use a proxy, we need to figure out the proxy
4962 * host name, so that we can re-use an existing connection
4963 * that may exist registered to the same proxy host.
4965 static CURLcode parse_proxy(struct Curl_easy *data,
4966 struct connectdata *conn, char *proxy,
4967 curl_proxytype proxytype)
4972 /* We use 'proxyptr' to point to the proxy name from now on... */
4977 char *proxyuser = NULL;
4978 char *proxypasswd = NULL;
4981 /* We do the proxy host string parsing here. We want the host name and the
4982 * port name. Accept a protocol:// prefix
4985 /* Parse the protocol part if present */
4986 endofprot = strstr(proxy, "://");
4988 proxyptr = endofprot+3;
4989 if(checkprefix("https", proxy))
4990 proxytype = CURLPROXY_HTTPS;
4991 else if(checkprefix("socks5h", proxy))
4992 proxytype = CURLPROXY_SOCKS5_HOSTNAME;
4993 else if(checkprefix("socks5", proxy))
4994 proxytype = CURLPROXY_SOCKS5;
4995 else if(checkprefix("socks4a", proxy))
4996 proxytype = CURLPROXY_SOCKS4A;
4997 else if(checkprefix("socks4", proxy) || checkprefix("socks", proxy))
4998 proxytype = CURLPROXY_SOCKS4;
4999 else if(checkprefix("http:", proxy))
5000 ; /* leave it as HTTP or HTTP/1.0 */
5002 /* Any other xxx:// reject! */
5003 failf(data, "Unsupported proxy scheme for \'%s\'", proxy);
5004 return CURLE_COULDNT_CONNECT;
5008 proxyptr = proxy; /* No xxx:// head: It's a HTTP proxy */
5010 #ifndef HTTPS_PROXY_SUPPORT
5011 if(proxytype == CURLPROXY_HTTPS) {
5012 failf(data, "Unsupported proxy \'%s\'"
5013 ", libcurl is built without the HTTPS-proxy support.", proxy);
5014 return CURLE_NOT_BUILT_IN;
5018 sockstype = proxytype == CURLPROXY_SOCKS5_HOSTNAME ||
5019 proxytype == CURLPROXY_SOCKS5 ||
5020 proxytype == CURLPROXY_SOCKS4A ||
5021 proxytype == CURLPROXY_SOCKS4;
5023 /* Is there a username and password given in this proxy url? */
5024 atsign = strchr(proxyptr, '@');
5027 parse_login_details(proxyptr, atsign - proxyptr,
5028 &proxyuser, &proxypasswd, NULL);
5031 proxyptr = atsign + 1;
5034 /* start scanning for port number at this point */
5037 /* detect and extract RFC6874-style IPv6-addresses */
5038 if(*proxyptr == '[') {
5039 char *ptr = ++proxyptr; /* advance beyond the initial bracket */
5040 while(*ptr && (ISXDIGIT(*ptr) || (*ptr == ':') || (*ptr == '.')))
5043 /* There might be a zone identifier */
5044 if(strncmp("%25", ptr, 3))
5045 infof(data, "Please URL encode %% as %%25, see RFC 6874.\n");
5047 /* Allow unreserved characters as defined in RFC 3986 */
5048 while(*ptr && (ISALPHA(*ptr) || ISXDIGIT(*ptr) || (*ptr == '-') ||
5049 (*ptr == '.') || (*ptr == '_') || (*ptr == '~')))
5053 /* yeps, it ended nicely with a bracket as well */
5056 infof(data, "Invalid IPv6 address format\n");
5058 /* Note that if this didn't end with a bracket, we still advanced the
5059 * proxyptr first, but I can't see anything wrong with that as no host
5060 * name nor a numeric can legally start with a bracket.
5064 /* Get port number off proxy.server.com:1080 */
5065 prox_portno = strchr(portptr, ':');
5069 *prox_portno = 0x0; /* cut off number from host name */
5071 /* now set the local port number */
5072 port = strtol(prox_portno, &endp, 10);
5073 if((endp && *endp && (*endp != '/') && (*endp != ' ')) ||
5074 (port < 0) || (port > 65535)) {
5075 /* meant to detect for example invalid IPv6 numerical addresses without
5076 brackets: "2a00:fac0:a000::7:13". Accept a trailing slash only
5077 because we then allow "URL style" with the number followed by a
5078 slash, used in curl test cases already. Space is also an acceptable
5079 terminating symbol. */
5080 infof(data, "No valid port number in proxy string (%s)\n",
5087 if(proxyptr[0]=='/')
5088 /* If the first character in the proxy string is a slash, fail
5089 immediately. The following code will otherwise clear the string which
5090 will lead to code running as if no proxy was set! */
5091 return CURLE_COULDNT_RESOLVE_PROXY;
5093 /* without a port number after the host name, some people seem to use
5094 a slash so we strip everything from the first slash */
5095 atsign = strchr(proxyptr, '/');
5097 *atsign = '\0'; /* cut off path part from host name */
5099 if(data->set.proxyport)
5100 /* None given in the proxy string, then get the default one if it is
5102 port = data->set.proxyport;
5104 if(proxytype == CURLPROXY_HTTPS)
5105 port = CURL_DEFAULT_HTTPS_PROXY_PORT;
5107 port = CURL_DEFAULT_PROXY_PORT;
5112 struct proxy_info *proxyinfo =
5113 sockstype ? &conn->socks_proxy : &conn->http_proxy;
5114 proxyinfo->proxytype = proxytype;
5117 /* found user and password, rip them out. note that we are unescaping
5118 them, as there is otherwise no way to have a username or password
5119 with reserved characters like ':' in them. */
5120 Curl_safefree(proxyinfo->user);
5121 proxyinfo->user = curl_easy_unescape(data, proxyuser, 0, NULL);
5123 if(!proxyinfo->user)
5124 return CURLE_OUT_OF_MEMORY;
5126 Curl_safefree(proxyinfo->passwd);
5127 if(proxypasswd && strlen(proxypasswd) < MAX_CURL_PASSWORD_LENGTH)
5128 proxyinfo->passwd = curl_easy_unescape(data, proxypasswd, 0, NULL);
5130 proxyinfo->passwd = strdup("");
5132 if(!proxyinfo->passwd)
5133 return CURLE_OUT_OF_MEMORY;
5135 conn->bits.proxy_user_passwd = TRUE; /* enable it */
5139 proxyinfo->port = port;
5140 if(conn->port < 0 || sockstype || !conn->socks_proxy.host.rawalloc)
5144 /* now, clone the cleaned proxy host name */
5145 Curl_safefree(proxyinfo->host.rawalloc);
5146 proxyinfo->host.rawalloc = strdup(proxyptr);
5147 proxyinfo->host.name = proxyinfo->host.rawalloc;
5149 if(!proxyinfo->host.rawalloc)
5150 return CURLE_OUT_OF_MEMORY;
5153 Curl_safefree(proxyuser);
5154 Curl_safefree(proxypasswd);
5160 * Extract the user and password from the authentication string
5162 static CURLcode parse_proxy_auth(struct Curl_easy *data,
5163 struct connectdata *conn)
5165 char proxyuser[MAX_CURL_USER_LENGTH]="";
5166 char proxypasswd[MAX_CURL_PASSWORD_LENGTH]="";
5169 if(data->set.str[STRING_PROXYUSERNAME] != NULL) {
5170 strncpy(proxyuser, data->set.str[STRING_PROXYUSERNAME],
5171 MAX_CURL_USER_LENGTH);
5172 proxyuser[MAX_CURL_USER_LENGTH-1] = '\0'; /*To be on safe side*/
5174 if(data->set.str[STRING_PROXYPASSWORD] != NULL) {
5175 strncpy(proxypasswd, data->set.str[STRING_PROXYPASSWORD],
5176 MAX_CURL_PASSWORD_LENGTH);
5177 proxypasswd[MAX_CURL_PASSWORD_LENGTH-1] = '\0'; /*To be on safe side*/
5180 result = Curl_urldecode(data, proxyuser, 0, &conn->http_proxy.user, NULL,
5183 result = Curl_urldecode(data, proxypasswd, 0, &conn->http_proxy.passwd,
5187 #endif /* CURL_DISABLE_PROXY */
5192 * Parse the login details (user name, password and options) from the URL and
5193 * strip them out of the host name
5195 * Inputs: data->set.use_netrc (CURLOPT_NETRC)
5198 * Outputs: (almost :- all currently undefined)
5199 * conn->bits.user_passwd - non-zero if non-default passwords exist
5200 * user - non-zero length if defined
5201 * passwd - non-zero length if defined
5202 * options - non-zero length if defined
5203 * conn->host.name - remove user name and password
5205 static CURLcode parse_url_login(struct Curl_easy *data,
5206 struct connectdata *conn,
5207 char **user, char **passwd, char **options)
5209 CURLcode result = CURLE_OK;
5211 char *passwdp = NULL;
5212 char *optionsp = NULL;
5214 /* At this point, we're hoping all the other special cases have
5215 * been taken care of, so conn->host.name is at most
5216 * [user[:password][;options]]@]hostname
5218 * We need somewhere to put the embedded details, so do that first.
5221 char *ptr = strchr(conn->host.name, '@');
5222 char *login = conn->host.name;
5224 DEBUGASSERT(!**user);
5225 DEBUGASSERT(!**passwd);
5226 DEBUGASSERT(!**options);
5227 DEBUGASSERT(conn->handler);
5232 /* We will now try to extract the
5233 * possible login information in a string like:
5234 * ftp://user:password@ftp.my.site:8021/README */
5235 conn->host.name = ++ptr;
5237 /* So the hostname is sane. Only bother interpreting the
5238 * results if we could care. It could still be wasted
5239 * work because it might be overtaken by the programmatically
5240 * set user/passwd, but doing that first adds more cases here :-(
5243 if(data->set.use_netrc == CURL_NETRC_REQUIRED)
5246 /* We could use the login information in the URL so extract it. Only parse
5247 options if the handler says we should. */
5248 result = parse_login_details(login, ptr - login - 1,
5250 (conn->handler->flags & PROTOPT_URLOPTIONS)?
5258 /* We have a user in the URL */
5259 conn->bits.userpwd_in_url = TRUE;
5260 conn->bits.user_passwd = TRUE; /* enable user+password */
5262 /* Decode the user */
5263 result = Curl_urldecode(data, userp, 0, &newname, NULL, FALSE);
5273 /* We have a password in the URL so decode it */
5275 result = Curl_urldecode(data, passwdp, 0, &newpasswd, NULL, FALSE);
5281 *passwd = newpasswd;
5285 /* We have an options list in the URL so decode it */
5287 result = Curl_urldecode(data, optionsp, 0, &newoptions, NULL, FALSE);
5293 *options = newoptions;
5307 * parse_login_details()
5309 * This is used to parse a login string for user name, password and options in
5310 * the following formats:
5314 * user:password;options
5316 * user;options:password
5324 * login [in] - The login string.
5325 * len [in] - The length of the login string.
5326 * userp [in/out] - The address where a pointer to newly allocated memory
5327 * holding the user will be stored upon completion.
5328 * passdwp [in/out] - The address where a pointer to newly allocated memory
5329 * holding the password will be stored upon completion.
5330 * optionsp [in/out] - The address where a pointer to newly allocated memory
5331 * holding the options will be stored upon completion.
5333 * Returns CURLE_OK on success.
5335 static CURLcode parse_login_details(const char *login, const size_t len,
5336 char **userp, char **passwdp,
5339 CURLcode result = CURLE_OK;
5343 const char *psep = NULL;
5344 const char *osep = NULL;
5349 /* Attempt to find the password separator */
5351 psep = strchr(login, ':');
5353 /* Within the constraint of the login string */
5354 if(psep >= login + len)
5358 /* Attempt to find the options separator */
5360 osep = strchr(login, ';');
5362 /* Within the constraint of the login string */
5363 if(osep >= login + len)
5367 /* Calculate the portion lengths */
5369 (size_t)(osep && psep > osep ? osep - login : psep - login) :
5370 (osep ? (size_t)(osep - login) : len));
5372 (osep && osep > psep ? (size_t)(osep - psep) :
5373 (size_t)(login + len - psep)) - 1 : 0);
5375 (psep && psep > osep ? (size_t)(psep - osep) :
5376 (size_t)(login + len - osep)) - 1 : 0);
5378 /* Allocate the user portion buffer */
5380 ubuf = malloc(ulen + 1);
5382 result = CURLE_OUT_OF_MEMORY;
5385 /* Allocate the password portion buffer */
5386 if(!result && passwdp && plen) {
5387 pbuf = malloc(plen + 1);
5390 result = CURLE_OUT_OF_MEMORY;
5394 /* Allocate the options portion buffer */
5395 if(!result && optionsp && olen) {
5396 obuf = malloc(olen + 1);
5400 result = CURLE_OUT_OF_MEMORY;
5405 /* Store the user portion if necessary */
5407 memcpy(ubuf, login, ulen);
5409 Curl_safefree(*userp);
5413 /* Store the password portion if necessary */
5415 memcpy(pbuf, psep + 1, plen);
5417 Curl_safefree(*passwdp);
5421 /* Store the options portion if necessary */
5423 memcpy(obuf, osep + 1, olen);
5425 Curl_safefree(*optionsp);
5433 /*************************************************************
5434 * Figure out the remote port number and fix it in the URL
5436 * No matter if we use a proxy or not, we have to figure out the remote
5437 * port number of various reasons.
5439 * To be able to detect port number flawlessly, we must not confuse them
5440 * IPv6-specified addresses in the [0::1] style. (RFC2732)
5442 * The conn->host.name is currently [user:passwd@]host[:port] where host
5443 * could be a hostname, IPv4 address or IPv6 address.
5445 * The port number embedded in the URL is replaced, if necessary.
5446 *************************************************************/
5447 static CURLcode parse_remote_port(struct Curl_easy *data,
5448 struct connectdata *conn)
5453 /* Note that at this point, the IPv6 address cannot contain any scope
5454 suffix as that has already been removed in the parseurlandfillconn()
5456 if((1 == sscanf(conn->host.name, "[%*45[0123456789abcdefABCDEF:.]%c",
5458 (']' == endbracket)) {
5459 /* this is a RFC2732-style specified IP-address */
5460 conn->bits.ipv6_ip = TRUE;
5462 conn->host.name++; /* skip over the starting bracket */
5463 portptr = strchr(conn->host.name, ']');
5465 *portptr++ = '\0'; /* zero terminate, killing the bracket */
5467 portptr = NULL; /* no port number available */
5472 struct in6_addr in6;
5473 if(Curl_inet_pton(AF_INET6, conn->host.name, &in6) > 0) {
5474 /* This is a numerical IPv6 address, meaning this is a wrongly formatted
5476 failf(data, "IPv6 numerical address used in URL without brackets");
5477 return CURLE_URL_MALFORMAT;
5481 portptr = strrchr(conn->host.name, ':');
5484 if(data->set.use_port && data->state.allow_port) {
5485 /* if set, we use this and ignore the port possibly given in the URL */
5486 conn->remote_port = (unsigned short)data->set.use_port;
5488 *portptr = '\0'; /* cut off the name there anyway - if there was a port
5489 number - since the port number is to be ignored! */
5490 if(conn->bits.httpproxy) {
5491 /* we need to create new URL with the new port number */
5495 if(conn->bits.type_set)
5496 snprintf(type, sizeof(type), ";type=%c",
5497 data->set.prefer_ascii?'A':
5498 (data->set.ftp_list_only?'D':'I'));
5501 * This synthesized URL isn't always right--suffixes like ;type=A are
5502 * stripped off. It would be better to work directly from the original
5503 * URL and simply replace the port part of it.
5505 url = aprintf("%s://%s%s%s:%hu%s%s%s", conn->given->scheme,
5506 conn->bits.ipv6_ip?"[":"", conn->host.name,
5507 conn->bits.ipv6_ip?"]":"", conn->remote_port,
5508 data->state.slash_removed?"/":"", data->state.path,
5511 return CURLE_OUT_OF_MEMORY;
5513 if(data->change.url_alloc) {
5514 Curl_safefree(data->change.url);
5515 data->change.url_alloc = FALSE;
5518 data->change.url = url;
5519 data->change.url_alloc = TRUE;
5523 /* no CURLOPT_PORT given, extract the one from the URL */
5528 port=strtol(portptr+1, &rest, 10); /* Port number must be decimal */
5530 if((port < 0) || (port > 0xffff)) {
5531 /* Single unix standard says port numbers are 16 bits long */
5532 failf(data, "Port number out of range");
5533 return CURLE_URL_MALFORMAT;
5536 else if(rest != &portptr[1]) {
5537 *portptr = '\0'; /* cut off the name there */
5538 conn->remote_port = curlx_ultous(port);
5542 failf(data, "Illegal port number");
5543 return CURLE_URL_MALFORMAT;
5545 /* Browser behavior adaptation. If there's a colon with no digits after,
5546 just cut off the name there which makes us ignore the colon and just
5547 use the default port. Firefox and Chrome both do that. */
5552 /* only if remote_port was not already parsed off the URL we use the
5553 default port number */
5554 if(conn->remote_port < 0)
5555 conn->remote_port = (unsigned short)conn->given->defport;
5561 * Override the login details from the URL with that in the CURLOPT_USERPWD
5562 * option or a .netrc file, if applicable.
5564 static CURLcode override_login(struct Curl_easy *data,
5565 struct connectdata *conn,
5566 char **userp, char **passwdp, char **optionsp)
5568 if(data->set.str[STRING_USERNAME]) {
5570 *userp = strdup(data->set.str[STRING_USERNAME]);
5572 return CURLE_OUT_OF_MEMORY;
5575 if(data->set.str[STRING_PASSWORD]) {
5577 *passwdp = strdup(data->set.str[STRING_PASSWORD]);
5579 return CURLE_OUT_OF_MEMORY;
5582 if(data->set.str[STRING_OPTIONS]) {
5584 *optionsp = strdup(data->set.str[STRING_OPTIONS]);
5586 return CURLE_OUT_OF_MEMORY;
5589 conn->bits.netrc = FALSE;
5590 if(data->set.use_netrc != CURL_NETRC_IGNORED) {
5591 int ret = Curl_parsenetrc(conn->host.name,
5593 data->set.str[STRING_NETRC_FILE]);
5595 infof(data, "Couldn't find host %s in the "
5596 DOT_CHAR "netrc file; using defaults\n",
5600 return CURLE_OUT_OF_MEMORY;
5603 /* set bits.netrc TRUE to remember that we got the name from a .netrc
5604 file, so that it is safe to use even if we followed a Location: to a
5605 different host or similar. */
5606 conn->bits.netrc = TRUE;
5608 conn->bits.user_passwd = TRUE; /* enable user+password */
5616 * Set the login details so they're available in the connection
5618 static CURLcode set_login(struct connectdata *conn,
5619 const char *user, const char *passwd,
5620 const char *options)
5622 CURLcode result = CURLE_OK;
5624 /* If our protocol needs a password and we have none, use the defaults */
5625 if((conn->handler->flags & PROTOPT_NEEDSPWD) && !conn->bits.user_passwd) {
5626 /* Store the default user */
5627 conn->user = strdup(CURL_DEFAULT_USER);
5629 /* Store the default password */
5631 conn->passwd = strdup(CURL_DEFAULT_PASSWORD);
5633 conn->passwd = NULL;
5635 /* This is the default password, so DON'T set conn->bits.user_passwd */
5638 /* Store the user, zero-length if not set */
5639 conn->user = strdup(user);
5641 /* Store the password (only if user is present), zero-length if not set */
5643 conn->passwd = strdup(passwd);
5645 conn->passwd = NULL;
5648 if(!conn->user || !conn->passwd)
5649 result = CURLE_OUT_OF_MEMORY;
5651 /* Store the options, null if not set */
5652 if(!result && options[0]) {
5653 conn->options = strdup(options);
5656 result = CURLE_OUT_OF_MEMORY;
5663 * Parses a "host:port" string to connect to.
5664 * The hostname and the port may be empty; in this case, NULL is returned for
5665 * the hostname and -1 for the port.
5667 static CURLcode parse_connect_to_host_port(struct Curl_easy *data,
5669 char **hostname_result,
5678 #if defined(CURL_DISABLE_VERBOSE_STRINGS)
5682 *hostname_result = NULL;
5688 host_dup = strdup(host);
5690 return CURLE_OUT_OF_MEMORY;
5694 /* start scanning for port number at this point */
5697 /* detect and extract RFC6874-style IPv6-addresses */
5698 if(*hostptr == '[') {
5699 char *ptr = ++hostptr; /* advance beyond the initial bracket */
5700 while(*ptr && (ISXDIGIT(*ptr) || (*ptr == ':') || (*ptr == '.')))
5703 /* There might be a zone identifier */
5704 if(strncmp("%25", ptr, 3))
5705 infof(data, "Please URL encode %% as %%25, see RFC 6874.\n");
5707 /* Allow unreserved characters as defined in RFC 3986 */
5708 while(*ptr && (ISALPHA(*ptr) || ISXDIGIT(*ptr) || (*ptr == '-') ||
5709 (*ptr == '.') || (*ptr == '_') || (*ptr == '~')))
5713 /* yeps, it ended nicely with a bracket as well */
5716 infof(data, "Invalid IPv6 address format\n");
5718 /* Note that if this didn't end with a bracket, we still advanced the
5719 * hostptr first, but I can't see anything wrong with that as no host
5720 * name nor a numeric can legally start with a bracket.
5724 /* Get port number off server.com:1080 */
5725 host_portno = strchr(portptr, ':');
5728 *host_portno = '\0'; /* cut off number from host name */
5731 long portparse = strtol(host_portno, &endp, 10);
5732 if((endp && *endp) || (portparse < 0) || (portparse > 65535)) {
5733 infof(data, "No valid port number in connect to host string (%s)\n",
5739 port = (int)portparse; /* we know it will fit */
5743 /* now, clone the cleaned host name */
5745 *hostname_result = strdup(hostptr);
5746 if(!*hostname_result) {
5748 return CURLE_OUT_OF_MEMORY;
5752 *port_result = port;
5759 * Parses one "connect to" string in the form:
5760 * "HOST:PORT:CONNECT-TO-HOST:CONNECT-TO-PORT".
5762 static CURLcode parse_connect_to_string(struct Curl_easy *data,
5763 struct connectdata *conn,
5764 const char *conn_to_host,
5768 CURLcode result = CURLE_OK;
5769 const char *ptr = conn_to_host;
5770 int host_match = FALSE;
5771 int port_match = FALSE;
5773 *host_result = NULL;
5777 /* an empty hostname always matches */
5782 /* check whether the URL's hostname matches */
5783 size_t hostname_to_match_len;
5784 char *hostname_to_match = aprintf("%s%s%s",
5785 conn->bits.ipv6_ip ? "[" : "",
5787 conn->bits.ipv6_ip ? "]" : "");
5788 if(!hostname_to_match)
5789 return CURLE_OUT_OF_MEMORY;
5790 hostname_to_match_len = strlen(hostname_to_match);
5791 host_match = strncasecompare(ptr, hostname_to_match,
5792 hostname_to_match_len);
5793 free(hostname_to_match);
5794 ptr += hostname_to_match_len;
5796 host_match = host_match && *ptr == ':';
5802 /* an empty port always matches */
5807 /* check whether the URL's port matches */
5808 char *ptr_next = strchr(ptr, ':');
5811 long port_to_match = strtol(ptr, &endp, 10);
5812 if((endp == ptr_next) && (port_to_match == conn->remote_port)) {
5820 if(host_match && port_match) {
5821 /* parse the hostname and port to connect to */
5822 result = parse_connect_to_host_port(data, ptr, host_result, port_result);
5829 * Processes all strings in the "connect to" slist, and uses the "connect
5830 * to host" and "connect to port" of the first string that matches.
5832 static CURLcode parse_connect_to_slist(struct Curl_easy *data,
5833 struct connectdata *conn,
5834 struct curl_slist *conn_to_host)
5836 CURLcode result = CURLE_OK;
5840 while(conn_to_host && !host && port == -1) {
5841 result = parse_connect_to_string(data, conn, conn_to_host->data,
5847 conn->conn_to_host.rawalloc = host;
5848 conn->conn_to_host.name = host;
5849 conn->bits.conn_to_host = TRUE;
5851 infof(data, "Connecting to hostname: %s\n", host);
5854 /* no "connect to host" */
5855 conn->bits.conn_to_host = FALSE;
5856 Curl_safefree(host);
5860 conn->conn_to_port = port;
5861 conn->bits.conn_to_port = TRUE;
5862 infof(data, "Connecting to port: %d\n", port);
5865 /* no "connect to port" */
5866 conn->bits.conn_to_port = FALSE;
5870 conn_to_host = conn_to_host->next;
5876 /*************************************************************
5877 * Resolve the address of the server or proxy
5878 *************************************************************/
5879 static CURLcode resolve_server(struct Curl_easy *data,
5880 struct connectdata *conn,
5883 CURLcode result=CURLE_OK;
5884 time_t timeout_ms = Curl_timeleft(data, NULL, TRUE);
5886 /*************************************************************
5887 * Resolve the name of the server or proxy
5888 *************************************************************/
5889 if(conn->bits.reuse)
5890 /* We're reusing the connection - no need to resolve anything, and
5891 fix_hostname() was called already in create_conn() for the re-use
5896 /* this is a fresh connect */
5898 struct Curl_dns_entry *hostaddr;
5900 #ifdef USE_UNIX_SOCKETS
5901 if(conn->unix_domain_socket) {
5902 /* Unix domain sockets are local. The host gets ignored, just use the
5903 * specified domain socket address. Do not cache "DNS entries". There is
5904 * no DNS involved and we already have the filesystem path available */
5905 const char *path = conn->unix_domain_socket;
5907 hostaddr = calloc(1, sizeof(struct Curl_dns_entry));
5909 result = CURLE_OUT_OF_MEMORY;
5911 bool longpath = FALSE;
5912 hostaddr->addr = Curl_unix2addr(path, &longpath,
5913 conn->abstract_unix_socket);
5917 /* Long paths are not supported for now */
5919 failf(data, "Unix socket path too long: '%s'", path);
5920 result = CURLE_COULDNT_RESOLVE_HOST;
5923 result = CURLE_OUT_OF_MEMORY;
5931 if(!conn->bits.proxy) {
5932 struct hostname *connhost;
5933 if(conn->bits.conn_to_host)
5934 connhost = &conn->conn_to_host;
5936 connhost = &conn->host;
5938 /* If not connecting via a proxy, extract the port from the URL, if it is
5939 * there, thus overriding any defaults that might have been set above. */
5940 if(conn->bits.conn_to_port)
5941 conn->port = conn->conn_to_port;
5943 conn->port = conn->remote_port;
5945 /* Resolve target host right on */
5946 rc = Curl_resolv_timeout(conn, connhost->name, (int)conn->port,
5947 &hostaddr, timeout_ms);
5948 if(rc == CURLRESOLV_PENDING)
5951 else if(rc == CURLRESOLV_TIMEDOUT)
5952 result = CURLE_OPERATION_TIMEDOUT;
5954 else if(!hostaddr) {
5955 failf(data, "Couldn't resolve host '%s'", connhost->dispname);
5956 result = CURLE_COULDNT_RESOLVE_HOST;
5957 /* don't return yet, we need to clean up the timeout first */
5961 /* This is a proxy that hasn't been resolved yet. */
5963 struct hostname * const host = conn->bits.socksproxy ?
5964 &conn->socks_proxy.host : &conn->http_proxy.host;
5967 rc = Curl_resolv_timeout(conn, host->name, (int)conn->port,
5968 &hostaddr, timeout_ms);
5970 if(rc == CURLRESOLV_PENDING)
5973 else if(rc == CURLRESOLV_TIMEDOUT)
5974 result = CURLE_OPERATION_TIMEDOUT;
5976 else if(!hostaddr) {
5977 failf(data, "Couldn't resolve proxy '%s'", host->dispname);
5978 result = CURLE_COULDNT_RESOLVE_PROXY;
5979 /* don't return yet, we need to clean up the timeout first */
5982 DEBUGASSERT(conn->dns_entry == NULL);
5983 conn->dns_entry = hostaddr;
5990 * Cleanup the connection just allocated before we can move along and use the
5991 * previously existing one. All relevant data is copied over and old_conn is
5992 * ready for freeing once this function returns.
5994 static void reuse_conn(struct connectdata *old_conn,
5995 struct connectdata *conn)
5997 free_fixed_hostname(&old_conn->http_proxy.host);
5998 free_fixed_hostname(&old_conn->socks_proxy.host);
6000 free(old_conn->http_proxy.host.rawalloc);
6001 free(old_conn->socks_proxy.host.rawalloc);
6003 /* free the SSL config struct from this connection struct as this was
6004 allocated in vain and is targeted for destruction */
6005 Curl_free_primary_ssl_config(&old_conn->ssl_config);
6006 Curl_free_primary_ssl_config(&old_conn->proxy_ssl_config);
6008 conn->data = old_conn->data;
6010 /* get the user+password information from the old_conn struct since it may
6011 * be new for this request even when we re-use an existing connection */
6012 conn->bits.user_passwd = old_conn->bits.user_passwd;
6013 if(conn->bits.user_passwd) {
6014 /* use the new user name and password though */
6015 Curl_safefree(conn->user);
6016 Curl_safefree(conn->passwd);
6017 conn->user = old_conn->user;
6018 conn->passwd = old_conn->passwd;
6019 old_conn->user = NULL;
6020 old_conn->passwd = NULL;
6023 conn->bits.proxy_user_passwd = old_conn->bits.proxy_user_passwd;
6024 if(conn->bits.proxy_user_passwd) {
6025 /* use the new proxy user name and proxy password though */
6026 Curl_safefree(conn->http_proxy.user);
6027 Curl_safefree(conn->socks_proxy.user);
6028 Curl_safefree(conn->http_proxy.passwd);
6029 Curl_safefree(conn->socks_proxy.passwd);
6030 conn->http_proxy.user = old_conn->http_proxy.user;
6031 conn->socks_proxy.user = old_conn->socks_proxy.user;
6032 conn->http_proxy.passwd = old_conn->http_proxy.passwd;
6033 conn->socks_proxy.passwd = old_conn->socks_proxy.passwd;
6034 old_conn->http_proxy.user = NULL;
6035 old_conn->socks_proxy.user = NULL;
6036 old_conn->http_proxy.passwd = NULL;
6037 old_conn->socks_proxy.passwd = NULL;
6040 /* host can change, when doing keepalive with a proxy or if the case is
6041 different this time etc */
6042 free_fixed_hostname(&conn->host);
6043 free_fixed_hostname(&conn->conn_to_host);
6044 Curl_safefree(conn->host.rawalloc);
6045 Curl_safefree(conn->conn_to_host.rawalloc);
6046 conn->host=old_conn->host;
6047 conn->bits.conn_to_host = old_conn->bits.conn_to_host;
6048 conn->conn_to_host = old_conn->conn_to_host;
6049 conn->bits.conn_to_port = old_conn->bits.conn_to_port;
6050 conn->conn_to_port = old_conn->conn_to_port;
6052 /* persist connection info in session handle */
6053 Curl_persistconninfo(conn);
6055 conn_reset_all_postponed_data(old_conn); /* free buffers */
6056 conn_reset_all_postponed_data(conn); /* reset unprocessed data */
6059 conn->bits.reuse = TRUE; /* yes, we're re-using here */
6061 Curl_safefree(old_conn->user);
6062 Curl_safefree(old_conn->passwd);
6063 Curl_safefree(old_conn->http_proxy.user);
6064 Curl_safefree(old_conn->socks_proxy.user);
6065 Curl_safefree(old_conn->http_proxy.passwd);
6066 Curl_safefree(old_conn->socks_proxy.passwd);
6067 Curl_safefree(old_conn->localdev);
6069 Curl_llist_destroy(old_conn->send_pipe, NULL);
6070 Curl_llist_destroy(old_conn->recv_pipe, NULL);
6072 old_conn->send_pipe = NULL;
6073 old_conn->recv_pipe = NULL;
6075 Curl_safefree(old_conn->master_buffer);
6077 #ifdef USE_UNIX_SOCKETS
6078 Curl_safefree(old_conn->unix_domain_socket);
6083 * create_conn() sets up a new connectdata struct, or re-uses an already
6084 * existing one, and resolves host name.
6086 * if this function returns CURLE_OK and *async is set to TRUE, the resolve
6087 * response will be coming asynchronously. If *async is FALSE, the name is
6090 * @param data The sessionhandle pointer
6091 * @param in_connect is set to the next connection data pointer
6092 * @param async is set TRUE when an async DNS resolution is pending
6093 * @see Curl_setup_conn()
6095 * *NOTE* this function assigns the conn->data pointer!
6098 static CURLcode create_conn(struct Curl_easy *data,
6099 struct connectdata **in_connect,
6102 CURLcode result = CURLE_OK;
6103 struct connectdata *conn;
6104 struct connectdata *conn_temp = NULL;
6107 char *passwd = NULL;
6108 char *options = NULL;
6111 char *socksproxy = NULL;
6112 char *no_proxy = NULL;
6113 bool prot_missing = FALSE;
6114 bool connections_available = TRUE;
6115 bool force_reuse = FALSE;
6116 bool waitpipe = FALSE;
6117 size_t max_host_connections = Curl_multi_max_host_connections(data->multi);
6118 size_t max_total_connections = Curl_multi_max_total_connections(data->multi);
6122 /*************************************************************
6124 *************************************************************/
6126 if(!data->change.url) {
6127 result = CURLE_URL_MALFORMAT;
6131 /* First, split up the current URL in parts so that we can use the
6132 parts for checking against the already present connections. In order
6133 to not have to modify everything at once, we allocate a temporary
6134 connection data struct and fill in for comparison purposes. */
6135 conn = allocate_conn(data);
6138 result = CURLE_OUT_OF_MEMORY;
6142 /* We must set the return variable as soon as possible, so that our
6143 parent can cleanup any possible allocs we may have done before
6147 /* This initing continues below, see the comment "Continue connectdata
6148 * initialization here" */
6150 /***********************************************************
6151 * We need to allocate memory to store the path in. We get the size of the
6152 * full URL to be sure, and we need to make it at least 256 bytes since
6153 * other parts of the code will rely on this fact
6154 ***********************************************************/
6155 #define LEAST_PATH_ALLOC 256
6156 urllen=strlen(data->change.url);
6157 if(urllen < LEAST_PATH_ALLOC)
6158 urllen=LEAST_PATH_ALLOC;
6161 * We malloc() the buffers below urllen+2 to make room for 2 possibilities:
6162 * 1 - an extra terminating zero
6163 * 2 - an extra slash (in case a syntax like "www.host.com?moo" is used)
6166 Curl_safefree(data->state.pathbuffer);
6167 data->state.path = NULL;
6169 data->state.pathbuffer = malloc(urllen+2);
6170 if(NULL == data->state.pathbuffer) {
6171 result = CURLE_OUT_OF_MEMORY; /* really bad error */
6174 data->state.path = data->state.pathbuffer;
6176 conn->host.rawalloc = malloc(urllen+2);
6177 if(NULL == conn->host.rawalloc) {
6178 Curl_safefree(data->state.pathbuffer);
6179 data->state.path = NULL;
6180 result = CURLE_OUT_OF_MEMORY;
6184 conn->host.name = conn->host.rawalloc;
6185 conn->host.name[0] = 0;
6188 passwd = strdup("");
6189 options = strdup("");
6190 if(!user || !passwd || !options) {
6191 result = CURLE_OUT_OF_MEMORY;
6195 result = parseurlandfillconn(data, conn, &prot_missing, &user, &passwd,
6200 /*************************************************************
6201 * No protocol part in URL was used, add it!
6202 *************************************************************/
6204 /* We're guessing prefixes here and if we're told to use a proxy or if
6205 we're gonna follow a Location: later or... then we need the protocol
6206 part added so that we have a valid URL. */
6210 reurl = aprintf("%s://%s", conn->handler->scheme, data->change.url);
6213 result = CURLE_OUT_OF_MEMORY;
6217 /* Change protocol prefix to lower-case */
6218 for(ch_lower = reurl; *ch_lower != ':'; ch_lower++)
6219 *ch_lower = (char)TOLOWER(*ch_lower);
6221 if(data->change.url_alloc) {
6222 Curl_safefree(data->change.url);
6223 data->change.url_alloc = FALSE;
6226 data->change.url = reurl;
6227 data->change.url_alloc = TRUE; /* free this later */
6230 /*************************************************************
6231 * If the protocol can't handle url query strings, then cut
6232 * off the unhandable part
6233 *************************************************************/
6234 if((conn->given->flags&PROTOPT_NOURLQUERY)) {
6235 char *path_q_sep = strchr(conn->data->state.path, '?');
6237 /* according to rfc3986, allow the query (?foo=bar)
6238 also on protocols that can't handle it.
6240 cut the string-part after '?'
6243 /* terminate the string */
6248 if(data->set.str[STRING_BEARER]) {
6249 conn->oauth_bearer = strdup(data->set.str[STRING_BEARER]);
6250 if(!conn->oauth_bearer) {
6251 result = CURLE_OUT_OF_MEMORY;
6256 #ifndef CURL_DISABLE_PROXY
6257 /*************************************************************
6258 * Extract the user and password from the authentication string
6259 *************************************************************/
6260 if(conn->bits.proxy_user_passwd) {
6261 result = parse_proxy_auth(data, conn);
6266 /*************************************************************
6267 * Detect what (if any) proxy to use
6268 *************************************************************/
6269 if(data->set.str[STRING_PROXY]) {
6270 proxy = strdup(data->set.str[STRING_PROXY]);
6271 /* if global proxy is set, this is it */
6273 failf(data, "memory shortage");
6274 result = CURLE_OUT_OF_MEMORY;
6279 if(data->set.str[STRING_PRE_PROXY]) {
6280 socksproxy = strdup(data->set.str[STRING_PRE_PROXY]);
6281 /* if global socks proxy is set, this is it */
6282 if(NULL == socksproxy) {
6283 failf(data, "memory shortage");
6284 result = CURLE_OUT_OF_MEMORY;
6289 no_proxy = curl_getenv("no_proxy");
6291 no_proxy = curl_getenv("NO_PROXY");
6293 if(check_noproxy(conn->host.name, data->set.str[STRING_NOPROXY]) ||
6294 (!data->set.str[STRING_NOPROXY] &&
6295 check_noproxy(conn->host.name, no_proxy))) {
6296 Curl_safefree(proxy);
6297 Curl_safefree(socksproxy);
6299 else if(!proxy && !socksproxy)
6300 #ifndef CURL_DISABLE_HTTP
6301 /* if the host is not in the noproxy list, detect proxy. */
6302 proxy = detect_proxy(conn);
6303 #else /* !CURL_DISABLE_HTTP */
6305 #endif /* CURL_DISABLE_HTTP */
6307 Curl_safefree(no_proxy);
6309 #ifdef USE_UNIX_SOCKETS
6310 if(data->set.str[STRING_UNIX_SOCKET_PATH]) {
6312 free(proxy); /* Unix domain sockets cannot be proxied, so disable it */
6315 conn->unix_domain_socket = strdup(data->set.str[STRING_UNIX_SOCKET_PATH]);
6316 if(conn->unix_domain_socket == NULL) {
6317 result = CURLE_OUT_OF_MEMORY;
6320 conn->abstract_unix_socket = data->set.abstract_unix_socket;
6324 if(proxy && (!*proxy || (conn->handler->flags & PROTOPT_NONETWORK))) {
6325 free(proxy); /* Don't bother with an empty proxy string or if the
6326 protocol doesn't work with network */
6329 if(socksproxy && (!*socksproxy ||
6330 (conn->handler->flags & PROTOPT_NONETWORK))) {
6331 free(socksproxy); /* Don't bother with an empty socks proxy string or if
6332 the protocol doesn't work with network */
6336 /***********************************************************************
6337 * If this is supposed to use a proxy, we need to figure out the proxy host
6338 * name, proxy type and port number, so that we can re-use an existing
6339 * connection that may exist registered to the same proxy host.
6340 ***********************************************************************/
6341 if(proxy || socksproxy) {
6343 result = parse_proxy(data, conn, proxy, conn->http_proxy.proxytype);
6344 Curl_safefree(proxy); /* parse_proxy copies the proxy string */
6350 result = parse_proxy(data, conn, socksproxy,
6351 conn->socks_proxy.proxytype);
6352 /* parse_proxy copies the socks proxy string */
6353 Curl_safefree(socksproxy);
6358 if(conn->http_proxy.host.rawalloc) {
6359 #ifdef CURL_DISABLE_HTTP
6360 /* asking for a HTTP proxy is a bit funny when HTTP is disabled... */
6361 result = CURLE_UNSUPPORTED_PROTOCOL;
6364 /* force this connection's protocol to become HTTP if not already
6365 compatible - if it isn't tunneling through */
6366 if(!(conn->handler->protocol & PROTO_FAMILY_HTTP) &&
6367 !conn->bits.tunnel_proxy)
6368 conn->handler = &Curl_handler_http;
6370 conn->bits.httpproxy = TRUE;
6374 conn->bits.httpproxy = FALSE; /* not a HTTP proxy */
6375 conn->bits.tunnel_proxy = FALSE; /* no tunneling if not HTTP */
6378 if(conn->socks_proxy.host.rawalloc) {
6379 if(!conn->http_proxy.host.rawalloc) {
6380 /* once a socks proxy */
6381 if(!conn->socks_proxy.user) {
6382 conn->socks_proxy.user = conn->http_proxy.user;
6383 conn->http_proxy.user = NULL;
6384 Curl_safefree(conn->socks_proxy.passwd);
6385 conn->socks_proxy.passwd = conn->http_proxy.passwd;
6386 conn->http_proxy.passwd = NULL;
6389 conn->bits.socksproxy = TRUE;
6392 conn->bits.socksproxy = FALSE; /* not a socks proxy */
6395 conn->bits.socksproxy = FALSE;
6396 conn->bits.httpproxy = FALSE;
6398 conn->bits.proxy = conn->bits.httpproxy || conn->bits.socksproxy;
6400 if(!conn->bits.proxy) {
6401 /* we aren't using the proxy after all... */
6402 conn->bits.proxy = FALSE;
6403 conn->bits.httpproxy = FALSE;
6404 conn->bits.socksproxy = FALSE;
6405 conn->bits.proxy_user_passwd = FALSE;
6406 conn->bits.tunnel_proxy = FALSE;
6409 #endif /* CURL_DISABLE_PROXY */
6411 /*************************************************************
6412 * If the protocol is using SSL and HTTP proxy is used, we set
6413 * the tunnel_proxy bit.
6414 *************************************************************/
6415 if((conn->given->flags&PROTOPT_SSL) && conn->bits.httpproxy)
6416 conn->bits.tunnel_proxy = TRUE;
6418 /*************************************************************
6419 * Figure out the remote port number and fix it in the URL
6420 *************************************************************/
6421 result = parse_remote_port(data, conn);
6425 /* Check for overridden login details and set them accordingly so they
6426 they are known when protocol->setup_connection is called! */
6427 result = override_login(data, conn, &user, &passwd, &options);
6430 result = set_login(conn, user, passwd, options);
6434 /*************************************************************
6435 * Process the "connect to" linked list of hostname/port mappings.
6436 * Do this after the remote port number has been fixed in the URL.
6437 *************************************************************/
6438 result = parse_connect_to_slist(data, conn, data->set.connect_to);
6442 /*************************************************************
6443 * IDN-fix the hostnames
6444 *************************************************************/
6445 fix_hostname(conn, &conn->host);
6446 if(conn->bits.conn_to_host)
6447 fix_hostname(conn, &conn->conn_to_host);
6448 if(conn->bits.httpproxy)
6449 fix_hostname(conn, &conn->http_proxy.host);
6450 if(conn->bits.socksproxy)
6451 fix_hostname(conn, &conn->socks_proxy.host);
6453 /*************************************************************
6454 * Check whether the host and the "connect to host" are equal.
6455 * Do this after the hostnames have been IDN-fixed.
6456 *************************************************************/
6457 if(conn->bits.conn_to_host &&
6458 strcasecompare(conn->conn_to_host.name, conn->host.name)) {
6459 conn->bits.conn_to_host = FALSE;
6462 /*************************************************************
6463 * Check whether the port and the "connect to port" are equal.
6464 * Do this after the remote port number has been fixed in the URL.
6465 *************************************************************/
6466 if(conn->bits.conn_to_port && conn->conn_to_port == conn->remote_port) {
6467 conn->bits.conn_to_port = FALSE;
6470 /*************************************************************
6471 * If the "connect to" feature is used with an HTTP proxy,
6472 * we set the tunnel_proxy bit.
6473 *************************************************************/
6474 if((conn->bits.conn_to_host || conn->bits.conn_to_port) &&
6475 conn->bits.httpproxy)
6476 conn->bits.tunnel_proxy = TRUE;
6478 /*************************************************************
6479 * Setup internals depending on protocol. Needs to be done after
6480 * we figured out what/if proxy to use.
6481 *************************************************************/
6482 result = setup_connection_internals(conn);
6486 conn->recv[FIRSTSOCKET] = Curl_recv_plain;
6487 conn->send[FIRSTSOCKET] = Curl_send_plain;
6488 conn->recv[SECONDARYSOCKET] = Curl_recv_plain;
6489 conn->send[SECONDARYSOCKET] = Curl_send_plain;
6491 conn->bits.tcp_fastopen = data->set.tcp_fastopen;
6493 /***********************************************************************
6494 * file: is a special case in that it doesn't need a network connection
6495 ***********************************************************************/
6496 #ifndef CURL_DISABLE_FILE
6497 if(conn->handler->flags & PROTOPT_NONETWORK) {
6499 /* this is supposed to be the connect function so we better at least check
6500 that the file is present here! */
6501 DEBUGASSERT(conn->handler->connect_it);
6502 result = conn->handler->connect_it(conn, &done);
6504 /* Setup a "faked" transfer that'll do nothing */
6507 conn->bits.tcpconnect[FIRSTSOCKET] = TRUE; /* we are "connected */
6509 Curl_conncache_add_conn(data->state.conn_cache, conn);
6512 * Setup whatever necessary for a resumed transfer
6514 result = setup_range(data);
6516 DEBUGASSERT(conn->handler->done);
6517 /* we ignore the return code for the protocol-specific DONE */
6518 (void)conn->handler->done(conn, result, FALSE);
6522 Curl_setup_transfer(conn, -1, -1, FALSE, NULL, /* no download */
6523 -1, NULL); /* no upload */
6526 /* since we skip do_init() */
6527 Curl_init_do(data, conn);
6533 /* Get a cloned copy of the SSL config situation stored in the
6534 connection struct. But to get this going nicely, we must first make
6535 sure that the strings in the master copy are pointing to the correct
6536 strings in the session handle strings array!
6538 Keep in mind that the pointers in the master copy are pointing to strings
6539 that will be freed as part of the Curl_easy struct, but all cloned
6540 copies will be separately allocated.
6542 data->set.ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH_ORIG];
6543 data->set.proxy_ssl.primary.CApath = data->set.str[STRING_SSL_CAPATH_PROXY];
6544 data->set.ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE_ORIG];
6545 data->set.proxy_ssl.primary.CAfile = data->set.str[STRING_SSL_CAFILE_PROXY];
6546 data->set.ssl.primary.random_file = data->set.str[STRING_SSL_RANDOM_FILE];
6547 data->set.proxy_ssl.primary.random_file =
6548 data->set.str[STRING_SSL_RANDOM_FILE];
6549 data->set.ssl.primary.egdsocket = data->set.str[STRING_SSL_EGDSOCKET];
6550 data->set.proxy_ssl.primary.egdsocket = data->set.str[STRING_SSL_EGDSOCKET];
6551 data->set.ssl.primary.cipher_list =
6552 data->set.str[STRING_SSL_CIPHER_LIST_ORIG];
6553 data->set.proxy_ssl.primary.cipher_list =
6554 data->set.str[STRING_SSL_CIPHER_LIST_PROXY];
6556 data->set.ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_ORIG];
6557 data->set.proxy_ssl.CRLfile = data->set.str[STRING_SSL_CRLFILE_PROXY];
6558 data->set.ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT_ORIG];
6559 data->set.proxy_ssl.issuercert = data->set.str[STRING_SSL_ISSUERCERT_PROXY];
6560 data->set.ssl.cert = data->set.str[STRING_CERT_ORIG];
6561 data->set.proxy_ssl.cert = data->set.str[STRING_CERT_PROXY];
6562 data->set.ssl.cert_type = data->set.str[STRING_CERT_TYPE_ORIG];
6563 data->set.proxy_ssl.cert_type = data->set.str[STRING_CERT_TYPE_PROXY];
6564 data->set.ssl.key = data->set.str[STRING_KEY_ORIG];
6565 data->set.proxy_ssl.key = data->set.str[STRING_KEY_PROXY];
6566 data->set.ssl.key_type = data->set.str[STRING_KEY_TYPE_ORIG];
6567 data->set.proxy_ssl.key_type = data->set.str[STRING_KEY_TYPE_PROXY];
6568 data->set.ssl.key_passwd = data->set.str[STRING_KEY_PASSWD_ORIG];
6569 data->set.proxy_ssl.key_passwd = data->set.str[STRING_KEY_PASSWD_PROXY];
6570 data->set.ssl.primary.clientcert = data->set.str[STRING_CERT_ORIG];
6571 data->set.proxy_ssl.primary.clientcert = data->set.str[STRING_CERT_PROXY];
6573 data->set.ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_ORIG];
6574 data->set.proxy_ssl.username = data->set.str[STRING_TLSAUTH_USERNAME_PROXY];
6575 data->set.ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_ORIG];
6576 data->set.proxy_ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD_PROXY];
6579 if(!Curl_clone_primary_ssl_config(&data->set.ssl.primary,
6580 &conn->ssl_config)) {
6581 result = CURLE_OUT_OF_MEMORY;
6585 if(!Curl_clone_primary_ssl_config(&data->set.proxy_ssl.primary,
6586 &conn->proxy_ssl_config)) {
6587 result = CURLE_OUT_OF_MEMORY;
6591 prune_dead_connections(data);
6593 /*************************************************************
6594 * Check the current list of connections to see if we can
6595 * re-use an already existing one or if we have to create a
6597 *************************************************************/
6599 /* reuse_fresh is TRUE if we are told to use a new connection by force, but
6600 we only acknowledge this option if this is not a re-used connection
6601 already (which happens due to follow-location or during a HTTP
6602 authentication phase). */
6603 if(data->set.reuse_fresh && !data->state.this_is_a_follow)
6606 reuse = ConnectionExists(data, conn, &conn_temp, &force_reuse, &waitpipe);
6608 /* If we found a reusable connection, we may still want to
6609 open a new connection if we are pipelining. */
6610 if(reuse && !force_reuse && IsPipeliningPossible(data, conn_temp)) {
6611 size_t pipelen = conn_temp->send_pipe->size + conn_temp->recv_pipe->size;
6613 infof(data, "Found connection %ld, with requests in the pipe (%zu)\n",
6614 conn_temp->connection_id, pipelen);
6616 if(conn_temp->bundle->num_connections < max_host_connections &&
6617 data->state.conn_cache->num_connections < max_total_connections) {
6618 /* We want a new connection anyway */
6621 infof(data, "We can reuse, but we want a new connection anyway\n");
6628 * We already have a connection for this, we got the former connection
6629 * in the conn_temp variable and thus we need to cleanup the one we
6630 * just allocated before we can move along and use the previously
6633 conn_temp->inuse = TRUE; /* mark this as being in use so that no other
6634 handle in a multi stack may nick it */
6635 reuse_conn(conn, conn_temp);
6636 free(conn); /* we don't need this anymore */
6640 infof(data, "Re-using existing connection! (#%ld) with %s %s\n",
6641 conn->connection_id,
6642 conn->bits.proxy?"proxy":"host",
6643 conn->socks_proxy.host.name ? conn->socks_proxy.host.dispname :
6644 conn->http_proxy.host.name ? conn->http_proxy.host.dispname :
6645 conn->host.dispname);
6648 /* We have decided that we want a new connection. However, we may not
6649 be able to do that if we have reached the limit of how many
6650 connections we are allowed to open. */
6651 struct connectbundle *bundle = NULL;
6653 if(conn->handler->flags & PROTOPT_ALPN_NPN) {
6654 /* The protocol wants it, so set the bits if enabled in the easy handle
6656 if(data->set.ssl_enable_alpn)
6657 conn->bits.tls_enable_alpn = TRUE;
6658 if(data->set.ssl_enable_npn)
6659 conn->bits.tls_enable_npn = TRUE;
6663 /* There is a connection that *might* become usable for pipelining
6664 "soon", and we wait for that */
6665 connections_available = FALSE;
6667 bundle = Curl_conncache_find_bundle(conn, data->state.conn_cache);
6669 if(max_host_connections > 0 && bundle &&
6670 (bundle->num_connections >= max_host_connections)) {
6671 struct connectdata *conn_candidate;
6673 /* The bundle is full. Let's see if we can kill a connection. */
6674 conn_candidate = find_oldest_idle_connection_in_bundle(data, bundle);
6676 if(conn_candidate) {
6677 /* Set the connection's owner correctly, then kill it */
6678 conn_candidate->data = data;
6679 (void)Curl_disconnect(conn_candidate, /* dead_connection */ FALSE);
6682 infof(data, "No more connections allowed to host: %d\n",
6683 max_host_connections);
6684 connections_available = FALSE;
6688 if(connections_available &&
6689 (max_total_connections > 0) &&
6690 (data->state.conn_cache->num_connections >= max_total_connections)) {
6691 struct connectdata *conn_candidate;
6693 /* The cache is full. Let's see if we can kill a connection. */
6694 conn_candidate = Curl_oldest_idle_connection(data);
6696 if(conn_candidate) {
6697 /* Set the connection's owner correctly, then kill it */
6698 conn_candidate->data = data;
6699 (void)Curl_disconnect(conn_candidate, /* dead_connection */ FALSE);
6702 infof(data, "No connections available in cache\n");
6703 connections_available = FALSE;
6707 if(!connections_available) {
6708 infof(data, "No connections available.\n");
6713 result = CURLE_NO_CONNECTION_AVAILABLE;
6718 * This is a brand new connection, so let's store it in the connection
6721 Curl_conncache_add_conn(data->state.conn_cache, conn);
6724 #if defined(USE_NTLM)
6725 /* If NTLM is requested in a part of this connection, make sure we don't
6726 assume the state is fine as this is a fresh connection and NTLM is
6727 connection based. */
6728 if((data->state.authhost.picked & (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
6729 data->state.authhost.done) {
6730 infof(data, "NTLM picked AND auth done set, clear picked!\n");
6731 data->state.authhost.picked = CURLAUTH_NONE;
6732 data->state.authhost.done = FALSE;
6735 if((data->state.authproxy.picked & (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
6736 data->state.authproxy.done) {
6737 infof(data, "NTLM-proxy picked AND auth done set, clear picked!\n");
6738 data->state.authproxy.picked = CURLAUTH_NONE;
6739 data->state.authproxy.done = FALSE;
6744 /* Mark the connection as used */
6747 /* Setup and init stuff before DO starts, in preparing for the transfer. */
6748 Curl_init_do(data, conn);
6751 * Setup whatever necessary for a resumed transfer
6753 result = setup_range(data);
6757 /* Continue connectdata initialization here. */
6760 * Inherit the proper values from the urldata struct AFTER we have arranged
6761 * the persistent connection stuff
6763 conn->seek_func = data->set.seek_func;
6764 conn->seek_client = data->set.seek_client;
6766 /*************************************************************
6767 * Resolve the address of the server or proxy
6768 *************************************************************/
6769 result = resolve_server(data, conn, async);
6781 /* Curl_setup_conn() is called after the name resolve initiated in
6782 * create_conn() is all done.
6784 * Curl_setup_conn() also handles reused connections
6786 * conn->data MUST already have been setup fine (in create_conn)
6789 CURLcode Curl_setup_conn(struct connectdata *conn,
6790 bool *protocol_done)
6792 CURLcode result = CURLE_OK;
6793 struct Curl_easy *data = conn->data;
6795 Curl_pgrsTime(data, TIMER_NAMELOOKUP);
6797 if(conn->handler->flags & PROTOPT_NONETWORK) {
6798 /* nothing to setup when not using a network */
6799 *protocol_done = TRUE;
6802 *protocol_done = FALSE; /* default to not done */
6804 /* set proxy_connect_closed to false unconditionally already here since it
6805 is used strictly to provide extra information to a parent function in the
6806 case of proxy CONNECT failures and we must make sure we don't have it
6807 lingering set from a previous invoke */
6808 conn->bits.proxy_connect_closed = FALSE;
6811 * Set user-agent. Used for HTTP, but since we can attempt to tunnel
6812 * basically anything through a http proxy we can't limit this based on
6815 if(data->set.str[STRING_USERAGENT]) {
6816 Curl_safefree(conn->allocptr.uagent);
6817 conn->allocptr.uagent =
6818 aprintf("User-Agent: %s\r\n", data->set.str[STRING_USERAGENT]);
6819 if(!conn->allocptr.uagent)
6820 return CURLE_OUT_OF_MEMORY;
6823 data->req.headerbytecount = 0;
6825 #ifdef CURL_DO_LINEEND_CONV
6826 data->state.crlf_conversions = 0; /* reset CRLF conversion counter */
6827 #endif /* CURL_DO_LINEEND_CONV */
6829 /* set start time here for timeout purposes in the connect procedure, it
6830 is later set again for the progress meter purpose */
6831 conn->now = Curl_tvnow();
6833 if(CURL_SOCKET_BAD == conn->sock[FIRSTSOCKET]) {
6834 conn->bits.tcpconnect[FIRSTSOCKET] = FALSE;
6835 result = Curl_connecthost(conn, conn->dns_entry);
6840 Curl_pgrsTime(data, TIMER_CONNECT); /* we're connected already */
6841 Curl_pgrsTime(data, TIMER_APPCONNECT); /* we're connected already */
6842 conn->bits.tcpconnect[FIRSTSOCKET] = TRUE;
6843 *protocol_done = TRUE;
6844 Curl_updateconninfo(conn, conn->sock[FIRSTSOCKET]);
6845 Curl_verboseconnect(conn);
6848 conn->now = Curl_tvnow(); /* time this *after* the connect is done, we
6849 set this here perhaps a second time */
6853 * This check is quite a hack. We're calling _fsetmode to fix the problem
6854 * with fwrite converting newline characters (you get mangled text files,
6855 * and corrupted binary files when you download to stdout and redirect it to
6859 if((data->set.out)->_handle == NULL) {
6860 _fsetmode(stdout, "b");
6867 CURLcode Curl_connect(struct Curl_easy *data,
6868 struct connectdata **in_connect,
6870 bool *protocol_done)
6874 *asyncp = FALSE; /* assume synchronous resolves by default */
6876 /* call the stuff that needs to be called */
6877 result = create_conn(data, in_connect, asyncp);
6881 if((*in_connect)->send_pipe->size || (*in_connect)->recv_pipe->size)
6883 *protocol_done = TRUE;
6885 /* DNS resolution is done: that's either because this is a reused
6886 connection, in which case DNS was unnecessary, or because DNS
6887 really did finish already (synch resolver/fast async resolve) */
6888 result = Curl_setup_conn(*in_connect, protocol_done);
6892 if(result == CURLE_NO_CONNECTION_AVAILABLE) {
6897 if(result && *in_connect) {
6898 /* We're not allowed to return failure with memory left allocated
6899 in the connectdata struct, free those here */
6900 Curl_disconnect(*in_connect, FALSE); /* close the connection */
6901 *in_connect = NULL; /* return a NULL */
6908 * Curl_init_do() inits the readwrite session. This is inited each time (in
6909 * the DO function before the protocol-specific DO functions are invoked) for
6910 * a transfer, sometimes multiple times on the same Curl_easy. Make sure
6911 * nothing in here depends on stuff that are setup dynamically for the
6914 * Allow this function to get called with 'conn' set to NULL.
6917 CURLcode Curl_init_do(struct Curl_easy *data, struct connectdata *conn)
6919 struct SingleRequest *k = &data->req;
6922 conn->bits.do_more = FALSE; /* by default there's no curl_do_more() to
6925 data->state.done = FALSE; /* *_done() is not called yet */
6926 data->state.expect100header = FALSE;
6928 if(data->set.opt_no_body)
6929 /* in HTTP lingo, no body means using the HEAD request... */
6930 data->set.httpreq = HTTPREQ_HEAD;
6931 else if(HTTPREQ_HEAD == data->set.httpreq)
6932 /* ... but if unset there really is no perfect method that is the
6933 "opposite" of HEAD but in reality most people probably think GET
6934 then. The important thing is that we can't let it remain HEAD if the
6935 opt_no_body is set FALSE since then we'll behave wrong when getting
6937 data->set.httpreq = HTTPREQ_GET;
6939 k->start = Curl_tvnow(); /* start time */
6940 k->now = k->start; /* current time is now */
6941 k->header = TRUE; /* assume header */
6945 k->buf = data->state.buffer;
6946 k->uploadbuf = data->state.uploadbuffer;
6947 k->hbufp = data->state.headerbuff;
6948 k->ignorebody=FALSE;
6950 Curl_speedinit(data);
6952 Curl_pgrsSetUploadCounter(data, 0);
6953 Curl_pgrsSetDownloadCounter(data, 0);
6959 * get_protocol_family()
6961 * This is used to return the protocol family for a given protocol.
6965 * protocol [in] - A single bit protocol identifier such as HTTP or HTTPS.
6967 * Returns the family as a single bit protocol identifier.
6970 unsigned int get_protocol_family(unsigned int protocol)
6972 unsigned int family;
6975 case CURLPROTO_HTTP:
6976 case CURLPROTO_HTTPS:
6977 family = CURLPROTO_HTTP;
6981 case CURLPROTO_FTPS:
6982 family = CURLPROTO_FTP;
6986 family = CURLPROTO_SCP;
6989 case CURLPROTO_SFTP:
6990 family = CURLPROTO_SFTP;
6993 case CURLPROTO_TELNET:
6994 family = CURLPROTO_TELNET;
6997 case CURLPROTO_LDAP:
6998 case CURLPROTO_LDAPS:
6999 family = CURLPROTO_LDAP;
7002 case CURLPROTO_DICT:
7003 family = CURLPROTO_DICT;
7006 case CURLPROTO_FILE:
7007 family = CURLPROTO_FILE;
7010 case CURLPROTO_TFTP:
7011 family = CURLPROTO_TFTP;
7014 case CURLPROTO_IMAP:
7015 case CURLPROTO_IMAPS:
7016 family = CURLPROTO_IMAP;
7019 case CURLPROTO_POP3:
7020 case CURLPROTO_POP3S:
7021 family = CURLPROTO_POP3;
7024 case CURLPROTO_SMTP:
7025 case CURLPROTO_SMTPS:
7026 family = CURLPROTO_SMTP;
7029 case CURLPROTO_RTSP:
7030 family = CURLPROTO_RTSP;
7033 case CURLPROTO_RTMP:
7034 case CURLPROTO_RTMPS:
7035 family = CURLPROTO_RTMP;
7038 case CURLPROTO_RTMPT:
7039 case CURLPROTO_RTMPTS:
7040 family = CURLPROTO_RTMPT;
7043 case CURLPROTO_RTMPE:
7044 family = CURLPROTO_RTMPE;
7047 case CURLPROTO_RTMPTE:
7048 family = CURLPROTO_RTMPTE;
7051 case CURLPROTO_GOPHER:
7052 family = CURLPROTO_GOPHER;
7056 case CURLPROTO_SMBS:
7057 family = CURLPROTO_SMB;
projects / platform / upstream / curl.git / blob