* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
#include <inet.h>
#endif
+#ifdef HAVE_SYS_UN_H
+#include <sys/un.h>
+#endif
+
#ifndef HAVE_SOCKET
#error "We can't compile without socket() support!"
#endif
#include "netrc.h"
#include "formdata.h"
-#include "sslgen.h"
+#include "vtls/vtls.h"
#include "hostip.h"
#include "transfer.h"
#include "sendf.h"
#include "multihandle.h"
#include "pipeline.h"
#include "dotdot.h"
+#include "strdup.h"
#define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h>
static CURLcode do_init(struct connectdata *conn);
static CURLcode parse_url_login(struct SessionHandle *data,
struct connectdata *conn,
- char *user, char *passwd, char *options);
+ char **userptr, char **passwdptr,
+ char **optionsptr);
static CURLcode parse_login_details(const char *login, const size_t len,
char **userptr, char **passwdptr,
char **optionsptr);
#endif
#endif
+#if !defined(CURL_DISABLE_SMB) && defined(USE_NTLM) && \
+ (CURL_SIZEOF_CURL_OFF_T > 4) && \
+ (!defined(USE_WINDOWS_SSPI) || defined(USE_WIN32_CRYPTO))
+ &Curl_handler_smb,
+#ifdef USE_SSL
+ &Curl_handler_smbs,
+#endif
+#endif
+
#ifndef CURL_DISABLE_SMTP
&Curl_handler_smtp,
#ifdef USE_SSL
{
/* Free all dynamic strings stored in the data->set substructure. */
enum dupstring i;
- for(i=(enum dupstring)0; i < STRING_LAST; i++)
+ for(i=(enum dupstring)0; i < STRING_LAST; i++) {
Curl_safefree(data->set.str[i]);
+ }
if(data->change.referer_alloc) {
Curl_safefree(data->change.referer);
data->change.referer_alloc = FALSE;
}
data->change.referer = NULL;
+ if(data->change.url_alloc) {
+ Curl_safefree(data->change.url);
+ data->change.url_alloc = FALSE;
+ }
+ data->change.url = NULL;
}
static CURLcode setstropt(char **charp, char *s)
return CURLE_OK;
}
-static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp,
- char **optionsp)
+static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp)
{
CURLcode result = CURLE_OK;
char *user = NULL;
char *passwd = NULL;
- char *options = NULL;
/* Parse the login details if specified. It not then we treat NULL as a hint
to clear the existing data */
result = parse_login_details(option, strlen(option),
(userp ? &user : NULL),
(passwdp ? &passwd : NULL),
- (optionsp ? &options : NULL));
+ NULL);
}
if(!result) {
Curl_safefree(*passwdp);
*passwdp = passwd;
}
-
- /* Store the options part of option if required */
- if(optionsp) {
- Curl_safefree(*optionsp);
- *optionsp = options;
- }
}
return result;
CURLcode Curl_dupset(struct SessionHandle *dst, struct SessionHandle *src)
{
- CURLcode r = CURLE_OK;
+ CURLcode result = CURLE_OK;
enum dupstring i;
/* Copy src->set into dst->set first, then deal with the strings
memset(dst->set.str, 0, STRING_LAST * sizeof(char *));
/* duplicate all strings */
- for(i=(enum dupstring)0; i< STRING_LAST; i++) {
- r = setstropt(&dst->set.str[i], src->set.str[i]);
- if(r != CURLE_OK)
- break;
+ for(i=(enum dupstring)0; i< STRING_LASTZEROTERMINATED; i++) {
+ result = setstropt(&dst->set.str[i], src->set.str[i]);
+ if(result)
+ return result;
}
- /* If a failure occurred, freeing has to be performed externally. */
- return r;
+ /* duplicate memory areas pointed to */
+ i = STRING_COPYPOSTFIELDS;
+ if(src->set.postfieldsize && src->set.str[i]) {
+ /* postfieldsize is curl_off_t, Curl_memdup() takes a size_t ... */
+ dst->set.str[i] = Curl_memdup(src->set.str[i],
+ curlx_sotouz(src->set.postfieldsize));
+ if(!dst->set.str[i])
+ return CURLE_OUT_OF_MEMORY;
+ /* point to the new copy */
+ dst->set.postfields = dst->set.str[i];
+ }
+
+ return CURLE_OK;
}
/*
Curl_safefree(data->state.pathbuffer);
data->state.path = NULL;
- Curl_safefree(data->state.proto.generic);
+ /* freed here just in case DONE wasn't called */
+ Curl_free_request_state(data);
/* Close down all open SSL info and sessions */
Curl_ssl_close_all(data);
Curl_safefree(data->state.scratch);
Curl_ssl_free_certinfo(data);
+ /* Cleanup possible redirect junk */
+ if(data->req.newurl) {
+ free(data->req.newurl);
+ data->req.newurl = NULL;
+ }
+
if(data->change.referer_alloc) {
Curl_safefree(data->change.referer);
data->change.referer_alloc = FALSE;
*/
CURLcode Curl_init_userdefined(struct UserDefined *set)
{
- CURLcode res = CURLE_OK;
+ CURLcode result = CURLE_OK;
set->out = stdout; /* default output to stdout */
set->in = stdin; /* default input from stdin */
set->convtonetwork = ZERO_NULL;
set->convfromutf8 = ZERO_NULL;
- set->infilesize = -1; /* we don't know any size */
+ set->filesize = -1; /* we don't know the size */
set->postfieldsize = -1; /* unknown size */
set->maxredirs = -1; /* allow any amount by default */
define since we internally only use the lower 16 bits for the passed
in bitmask to not conflict with the private bits */
set->allowed_protocols = CURLPROTO_ALL;
- set->redir_protocols =
- CURLPROTO_ALL & ~(CURLPROTO_FILE|CURLPROTO_SCP); /* not FILE or SCP */
+ set->redir_protocols = CURLPROTO_ALL & /* All except FILE, SCP and SMB */
+ ~(CURLPROTO_FILE | CURLPROTO_SCP | CURLPROTO_SMB |
+ CURLPROTO_SMBS);
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
/*
* seem not to follow rfc1961 section 4.3/4.4
*/
set->socks5_gssapi_nec = FALSE;
- /* set default gssapi service name */
- res = setstropt(&set->str[STRING_SOCKS5_GSSAPI_SERVICE],
- (char *) CURL_DEFAULT_SOCKS5_GSSAPI_SERVICE);
- if(res != CURLE_OK)
- return res;
+ /* set default GSS-API service name */
+ result = setstropt(&set->str[STRING_SOCKS5_GSSAPI_SERVICE],
+ (char *) CURL_DEFAULT_SOCKS5_GSSAPI_SERVICE);
+ if(result)
+ return result;
#endif
/* This is our preferred CA cert bundle/path since install time */
#if defined(CURL_CA_BUNDLE)
- res = setstropt(&set->str[STRING_SSL_CAFILE], (char *) CURL_CA_BUNDLE);
+ result = setstropt(&set->str[STRING_SSL_CAFILE], (char *) CURL_CA_BUNDLE);
#elif defined(CURL_CA_PATH)
- res = setstropt(&set->str[STRING_SSL_CAPATH], (char *) CURL_CA_PATH);
+ result = setstropt(&set->str[STRING_SSL_CAPATH], (char *) CURL_CA_PATH);
#endif
set->wildcardmatch = FALSE;
set->tcp_keepintvl = 60;
set->tcp_keepidle = 60;
- return res;
+ set->ssl_enable_npn = TRUE;
+ set->ssl_enable_alpn = TRUE;
+
+ set->expect_100_timeout = 1000L; /* Wait for a second by default. */
+ return result;
}
/**
CURLcode Curl_open(struct SessionHandle **curl)
{
- CURLcode res = CURLE_OK;
+ CURLcode result;
struct SessionHandle *data;
- CURLcode status;
/* Very simple start-up: alloc the struct, init it with zeroes and return */
data = calloc(1, sizeof(struct SessionHandle));
data->magic = CURLEASY_MAGIC_NUMBER;
- status = Curl_resolver_init(&data->state.resolver);
- if(status) {
+ result = Curl_resolver_init(&data->state.resolver);
+ if(result) {
DEBUGF(fprintf(stderr, "Error: resolver_init failed\n"));
free(data);
- return status;
+ return result;
}
/* We do some initial setup here, all those fields that can't be just 0 */
data->state.headerbuff = malloc(HEADERSIZE);
if(!data->state.headerbuff) {
DEBUGF(fprintf(stderr, "Error: malloc of headerbuff failed\n"));
- res = CURLE_OUT_OF_MEMORY;
+ result = CURLE_OUT_OF_MEMORY;
}
else {
- Curl_easy_initHandleData(data);
- res = Curl_init_userdefined(&data->set);
+ result = Curl_init_userdefined(&data->set);
data->state.headersize=HEADERSIZE;
data->set.maxconnects = DEFAULT_CONNCACHE_SIZE; /* for easy handles */
}
- if(res) {
+ if(result) {
Curl_resolver_cleanup(data->state.resolver);
if(data->state.headerbuff)
free(data->state.headerbuff);
else
*curl = data;
- return res;
+ return result;
}
CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
break;
case CURLOPT_FAILONERROR:
/*
- * Don't output the >=300 error code HTML-page, but instead only
+ * Don't output the >=400 error code HTML-page, but instead only
* return error.
*/
data->set.http_fail_on_error = (0 != va_arg(param, long))?TRUE:FALSE;
data->set.headers = va_arg(param, struct curl_slist *);
break;
+ case CURLOPT_PROXYHEADER:
+ /*
+ * Set a list with proxy headers to use (or replace internals with)
+ *
+ * Since CURLOPT_HTTPHEADER was the only way to set HTTP headers for a
+ * long time we remain doing it this way until CURLOPT_PROXYHEADER is
+ * used. As soon as this option has been used, if set to anything but
+ * NULL, custom headers for proxies are only picked from this list.
+ *
+ * Set this option to NULL to restore the previous behavior.
+ */
+ data->set.proxyheaders = va_arg(param, struct curl_slist *);
+ break;
+
+ case CURLOPT_HEADEROPT:
+ /*
+ * Set header option.
+ */
+ arg = va_arg(param, long);
+ data->set.sep_headers = (arg & CURLHEADER_SEPARATE)? TRUE: FALSE;
+ break;
+
case CURLOPT_HTTP200ALIASES:
/*
* Set a list of aliases for HTTP 200 in response header
/*
* Set cookie file name to dump all cookies to when we're done.
*/
+ {
+ struct CookieInfo *newcookies;
result = setstropt(&data->set.str[STRING_COOKIEJAR],
va_arg(param, char *));
* Activate the cookie parser. This may or may not already
* have been made.
*/
- data->cookies = Curl_cookie_init(data, NULL, data->cookies,
- data->set.cookiesession);
+ newcookies = Curl_cookie_init(data, NULL, data->cookies,
+ data->set.cookiesession);
+ if(!newcookies)
+ result = CURLE_OUT_OF_MEMORY;
+ data->cookies = newcookies;
+ }
break;
case CURLOPT_COOKIESESSION:
if(argptr == NULL)
break;
- Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
-
if(Curl_raw_equal(argptr, "ALL")) {
/* clear all cookies */
+ Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
Curl_cookie_clearall(data->cookies);
+ Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
}
else if(Curl_raw_equal(argptr, "SESS")) {
/* clear session cookies */
+ Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
Curl_cookie_clearsess(data->cookies);
+ Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
}
else if(Curl_raw_equal(argptr, "FLUSH")) {
- /* flush cookies to file */
+ /* flush cookies to file, takes care of the locking */
Curl_flush_cookies(data, 0);
}
+ else if(Curl_raw_equal(argptr, "RELOAD")) {
+ /* reload cookies from file */
+ Curl_cookie_loadfiles(data);
+ break;
+ }
else {
if(!data->cookies)
/* if cookie engine was not running, activate it */
data->cookies = Curl_cookie_init(data, NULL, NULL, TRUE);
argptr = strdup(argptr);
- if(!argptr) {
+ if(!argptr || !data->cookies) {
result = CURLE_OUT_OF_MEMORY;
+ Curl_safefree(argptr);
}
else {
+ Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
if(checkprefix("Set-Cookie:", argptr))
/* HTTP Header format line */
/* Netscape format line */
Curl_cookie_add(data, data->cookies, FALSE, argptr, NULL, NULL);
+ Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
free(argptr);
}
}
- Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
break;
#endif /* CURL_DISABLE_COOKIES */
* This sets a requested HTTP version to be used. The value is one of
* the listed enums in curl/curl.h.
*/
- data->set.httpversion = va_arg(param, long);
+ arg = va_arg(param, long);
+#ifndef USE_NGHTTP2
+ if(arg == CURL_HTTP_VERSION_2_0)
+ return CURLE_UNSUPPORTED_PROTOCOL;
+#endif
+ data->set.httpversion = arg;
break;
case CURLOPT_HTTPAUTH:
#elif !defined(NTLM_WB_ENABLED)
auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */
#endif
-#ifndef USE_HTTP_NEGOTIATE
- auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
- WINDOWS_SSPI */
+#ifndef USE_SPNEGO
+ auth &= ~CURLAUTH_NEGOTIATE; /* no Negotiate (SPNEGO) auth without
+ GSS-API or SSPI */
#endif
/* check if any auth bit lower than CURLAUTH_ONLY is still set */
}
break;
+ case CURLOPT_EXPECT_100_TIMEOUT_MS:
+ /*
+ * Time to wait for a response to a HTTP request containing an
+ * Expect: 100-continue header before sending the data anyway.
+ */
+ data->set.expect_100_timeout = va_arg(param, long);
+ break;
+
#endif /* CURL_DISABLE_HTTP */
case CURLOPT_CUSTOMREQUEST:
#elif !defined(NTLM_WB_ENABLED)
auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */
#endif
-#ifndef USE_HTTP_NEGOTIATE
- auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
- WINDOWS_SSPI */
+#ifndef USE_SPNEGO
+ auth &= ~CURLAUTH_NEGOTIATE; /* no Negotiate (SPNEGO) auth without
+ GSS-API or SSPI */
#endif
/* check if any auth bit lower than CURLAUTH_ONLY is still set */
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
case CURLOPT_SOCKS5_GSSAPI_SERVICE:
/*
- * Set gssapi service name
+ * Set GSS-API service name
*/
result = setstropt(&data->set.str[STRING_SOCKS5_GSSAPI_SERVICE],
va_arg(param, char *));
break;
#endif
- case CURLOPT_WRITEHEADER:
+ case CURLOPT_HEADERDATA:
/*
* Custom pointer to pass the header write callback function
*/
*/
data->set.errorbuffer = va_arg(param, char *);
break;
- case CURLOPT_FILE:
+ case CURLOPT_WRITEDATA:
/*
* FILE pointer to write to. Or possibly
* used as argument to the write callback.
data->set.ftp_skip_ip = (0 != va_arg(param, long))?TRUE:FALSE;
break;
- case CURLOPT_INFILE:
+ case CURLOPT_READDATA:
/*
* FILE pointer to read the file to be uploaded from. Or possibly
* used as argument to the read callback.
* If known, this should inform curl about the file size of the
* to-be-uploaded file.
*/
- data->set.infilesize = va_arg(param, long);
+ data->set.filesize = va_arg(param, long);
break;
case CURLOPT_INFILESIZE_LARGE:
/*
* If known, this should inform curl about the file size of the
* to-be-uploaded file.
*/
- data->set.infilesize = va_arg(param, curl_off_t);
+ data->set.filesize = va_arg(param, curl_off_t);
break;
case CURLOPT_LOW_SPEED_LIMIT:
/*
case CURLOPT_USERPWD:
/*
- * user:password;options to use in the operation
+ * user:password to use in the operation
*/
result = setstropt_userpwd(va_arg(param, char *),
&data->set.str[STRING_USERNAME],
- &data->set.str[STRING_PASSWORD],
- &data->set.str[STRING_OPTIONS]);
+ &data->set.str[STRING_PASSWORD]);
break;
+
case CURLOPT_USERNAME:
/*
* authentication user name to use in the operation
result = setstropt(&data->set.str[STRING_USERNAME],
va_arg(param, char *));
break;
+
case CURLOPT_PASSWORD:
/*
* authentication password to use in the operation
result = setstropt(&data->set.str[STRING_PASSWORD],
va_arg(param, char *));
break;
+
+ case CURLOPT_LOGIN_OPTIONS:
+ /*
+ * authentication options to use in the operation
+ */
+ result = setstropt(&data->set.str[STRING_OPTIONS],
+ va_arg(param, char *));
+ break;
+
+ case CURLOPT_XOAUTH2_BEARER:
+ /*
+ * XOAUTH2 bearer token to use in the operation
+ */
+ result = setstropt(&data->set.str[STRING_BEARER],
+ va_arg(param, char *));
+ break;
+
case CURLOPT_POSTQUOTE:
/*
* List of RAW FTP commands to use after a transfer
*/
result = setstropt_userpwd(va_arg(param, char *),
&data->set.str[STRING_PROXYUSERNAME],
- &data->set.str[STRING_PROXYPASSWORD], NULL);
+ &data->set.str[STRING_PROXYPASSWORD]);
break;
case CURLOPT_PROXYUSERNAME:
/*
break;
case CURLOPT_GSSAPI_DELEGATION:
/*
- * GSSAPI credential delegation
+ * GSS-API credential delegation
*/
data->set.gssapi_delegation = va_arg(param, long);
break;
data->set.ssl.verifyhost = (0 != arg)?TRUE:FALSE;
break;
-#ifdef USE_SSLEAY
- /* since these two options are only possible to use on an OpenSSL-
- powered libcurl we #ifdef them on this condition so that libcurls
- built against other SSL libs will return a proper error when trying
- to set this option! */
case CURLOPT_SSL_CTX_FUNCTION:
+#ifdef have_curlssl_ssl_ctx
/*
* Set a SSL_CTX callback
*/
data->set.ssl.fsslctx = va_arg(param, curl_ssl_ctx_callback);
+#else
+ result = CURLE_NOT_BUILT_IN;
+#endif
break;
case CURLOPT_SSL_CTX_DATA:
+#ifdef have_curlssl_ssl_ctx
/*
* Set a SSL_CTX callback parameter pointer
*/
data->set.ssl.fsslctxp = va_arg(param, void *);
- break;
+#else
+ result = CURLE_NOT_BUILT_IN;
#endif
-#if defined(USE_SSLEAY) || defined(USE_QSOSSL) || defined(USE_GSKIT)
+ break;
case CURLOPT_CERTINFO:
+#ifdef have_curlssl_certinfo
data->set.ssl.certinfo = (0 != va_arg(param, long))?TRUE:FALSE;
- break;
+#else
+ result = CURLE_NOT_BUILT_IN;
#endif
+ break;
+ case CURLOPT_PINNEDPUBLICKEY:
+ /*
+ * Set pinned public key for SSL connection.
+ * Specify file name of the public key in DER format.
+ */
+ result = setstropt(&data->set.str[STRING_SSL_PINNEDPUBLICKEY],
+ va_arg(param, char *));
+ break;
case CURLOPT_CAINFO:
/*
* Set CA info for SSL connection. Specify file name of the CA certificate
va_arg(param, char *));
break;
case CURLOPT_CAPATH:
+#ifdef have_curlssl_ca_path /* not supported by all backends */
/*
* Set CA path info for SSL connection. Specify directory name of the CA
* certificates which have been prepared using openssl c_rehash utility.
/* This does not work on windows. */
result = setstropt(&data->set.str[STRING_SSL_CAPATH],
va_arg(param, char *));
+#else
+ result = CURLE_NOT_BUILT_IN;
+#endif
break;
case CURLOPT_CRLFILE:
/*
* know that an unsigned int will always hold the value so we blindly
* typecast to this type
*/
- data->set.scope = curlx_sltoui(va_arg(param, long));
+ data->set.scope_id = curlx_sltoui(va_arg(param, long));
break;
case CURLOPT_PROTOCOLS:
case CURLOPT_DNS_SERVERS:
result = Curl_set_dns_servers(data, va_arg(param, char *));
break;
+ case CURLOPT_DNS_INTERFACE:
+ result = Curl_set_dns_interface(data, va_arg(param, char *));
+ break;
+ case CURLOPT_DNS_LOCAL_IP4:
+ result = Curl_set_dns_local_ip4(data, va_arg(param, char *));
+ break;
+ case CURLOPT_DNS_LOCAL_IP6:
+ result = Curl_set_dns_local_ip6(data, va_arg(param, char *));
+ break;
case CURLOPT_TCP_KEEPALIVE:
data->set.tcp_keepalive = (0 != va_arg(param, long))?TRUE:FALSE;
case CURLOPT_TCP_KEEPINTVL:
data->set.tcp_keepintvl = va_arg(param, long);
break;
+ case CURLOPT_SSL_ENABLE_NPN:
+ data->set.ssl_enable_npn = (0 != va_arg(param, long))?TRUE:FALSE;
+ break;
+ case CURLOPT_SSL_ENABLE_ALPN:
+ data->set.ssl_enable_alpn = (0 != va_arg(param, long))?TRUE:FALSE;
+ break;
+
+#ifdef USE_UNIX_SOCKETS
+ case CURLOPT_UNIX_SOCKET_PATH:
+ result = setstropt(&data->set.str[STRING_UNIX_SOCKET_PATH],
+ va_arg(param, char *));
+ break;
+#endif
default:
/* unknown tag and its companion, just ignore: */
Curl_closesocket(conn, conn->sock[SECONDARYSOCKET]);
if(CURL_SOCKET_BAD != conn->sock[FIRSTSOCKET])
Curl_closesocket(conn, conn->sock[FIRSTSOCKET]);
+ if(CURL_SOCKET_BAD != conn->tempsock[0])
+ Curl_closesocket(conn, conn->tempsock[0]);
+ if(CURL_SOCKET_BAD != conn->tempsock[1])
+ Curl_closesocket(conn, conn->tempsock[1]);
-#if defined(USE_NTLM) && defined(NTLM_WB_ENABLED)
+#if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \
+ defined(NTLM_WB_ENABLED)
Curl_ntlm_wb_cleanup(conn);
#endif
Curl_safefree(conn->user);
Curl_safefree(conn->passwd);
+ Curl_safefree(conn->xoauth2_bearer);
Curl_safefree(conn->options);
Curl_safefree(conn->proxyuser);
Curl_safefree(conn->proxypasswd);
free(conn); /* free all the connection oriented data */
}
+/*
+ * Disconnects the given connection. Note the connection may not be the
+ * primary connection, like when freeing room in the connection cache or
+ * killing of a dead old connection.
+ *
+ * This function MUST NOT reset state in the SessionHandle struct if that
+ * isn't strictly bound to the life-time of *this* particular connection.
+ *
+ */
+
CURLcode Curl_disconnect(struct connectdata *conn, bool dead_connection)
{
struct SessionHandle *data;
Curl_hostcache_prune(data); /* kill old DNS cache entries */
- {
- int has_host_ntlm = (conn->ntlm.state != NTLMSTATE_NONE);
- int has_proxy_ntlm = (conn->proxyntlm.state != NTLMSTATE_NONE);
-
- /* Authentication data is a mix of connection-related and sessionhandle-
- related stuff. NTLM is connection-related so when we close the shop
- we shall forget. */
-
- if(has_host_ntlm) {
- data->state.authhost.done = FALSE;
- data->state.authhost.picked =
- data->state.authhost.want;
- }
-
- if(has_proxy_ntlm) {
- data->state.authproxy.done = FALSE;
- data->state.authproxy.picked =
- data->state.authproxy.want;
- }
-
- if(has_host_ntlm || has_proxy_ntlm)
- data->state.authproblem = FALSE;
- }
-
+#if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM)
/* Cleanup NTLM connection-related data */
Curl_http_ntlm_cleanup(conn);
-
- /* Cleanup possible redirect junk */
- if(data->req.newurl) {
- free(data->req.newurl);
- data->req.newurl = NULL;
- }
+#endif
if(conn->handler->disconnect)
/* This is set if protocol-specific cleanups should be made */
conn_free(conn);
- Curl_speedinit(data);
-
return CURLE_OK;
}
static bool IsPipeliningPossible(const struct SessionHandle *handle,
const struct connectdata *conn)
{
- if((conn->handler->protocol & CURLPROTO_HTTP) &&
+ if((conn->handler->protocol & PROTO_FAMILY_HTTP) &&
Curl_multi_pipeline_enabled(handle->multi) &&
(handle->set.httpreq == HTTPREQ_GET ||
handle->set.httpreq == HTTPREQ_HEAD) &&
{
if(!Curl_llist_insert_next(pipeline, pipeline->tail, data))
return CURLE_OUT_OF_MEMORY;
- infof(data, "Curl_addHandleToPipeline: length: %d\n", pipeline->size);
return CURLE_OK;
}
}
/*
+ * This function checks if given connection is dead and disconnects if so.
+ * (That also removes it from the connection cache.)
+ *
+ * Returns TRUE if the connection actually was dead and disconnected.
+ */
+static bool disconnect_if_dead(struct connectdata *conn,
+ struct SessionHandle *data)
+{
+ size_t pipeLen = conn->send_pipe->size + conn->recv_pipe->size;
+ if(!pipeLen && !conn->inuse) {
+ /* The check for a dead socket makes sense only if there are no
+ handles in pipeline and the connection isn't already marked in
+ use */
+ bool dead;
+ if(conn->handler->protocol & CURLPROTO_RTSP)
+ /* RTSP is a special case due to RTP interleaving */
+ dead = Curl_rtsp_connisdead(conn);
+ else
+ dead = SocketIsDead(conn->sock[FIRSTSOCKET]);
+
+ if(dead) {
+ conn->data = data;
+ infof(data, "Connection %ld seems to be dead!\n", conn->connection_id);
+
+ /* disconnect resources */
+ Curl_disconnect(conn, /* dead_connection */TRUE);
+ return TRUE;
+ }
+ }
+ return FALSE;
+}
+
+/*
+ * Wrapper to use disconnect_if_dead() function in Curl_conncache_foreach()
+ *
+ * Returns always 0.
+ */
+static int call_disconnect_if_dead(struct connectdata *conn,
+ void *param)
+{
+ struct SessionHandle* data = (struct SessionHandle*)param;
+ disconnect_if_dead(conn, data);
+ return 0; /* continue iteration */
+}
+
+/*
+ * This function scans the connection cache for half-open/dead connections,
+ * closes and removes them.
+ * The cleanup is done at most once per second.
+ */
+static void prune_dead_connections(struct SessionHandle *data)
+{
+ struct timeval now = Curl_tvnow();
+ long elapsed = Curl_tvdiff(now, data->state.conn_cache->last_cleanup);
+
+ if(elapsed >= 1000L) {
+ Curl_conncache_foreach(data->state.conn_cache, data,
+ call_disconnect_if_dead);
+ data->state.conn_cache->last_cleanup = now;
+ }
+}
+
+/*
* Given one filled in connection struct (named needle), this function should
* detect if there already is one that has all the significant details
* exactly the same and thus should be used instead.
struct connectdata *check;
struct connectdata *chosen = 0;
bool canPipeline = IsPipeliningPossible(data, needle);
- bool wantNTLM = (data->state.authhost.want==CURLAUTH_NTLM) ||
- (data->state.authhost.want==CURLAUTH_NTLM_WB) ? TRUE : FALSE;
+ bool wantNTLMhttp = ((data->state.authhost.want & CURLAUTH_NTLM) ||
+ (data->state.authhost.want & CURLAUTH_NTLM_WB)) &&
+ (needle->handler->protocol & PROTO_FAMILY_HTTP) ? TRUE : FALSE;
struct connectbundle *bundle;
*force_reuse = FALSE;
curr = bundle->conn_list->head;
while(curr) {
bool match = FALSE;
+#if defined(USE_NTLM)
bool credentialsMatch = FALSE;
+#endif
size_t pipeLen;
/*
check = curr->ptr;
curr = curr->next;
- pipeLen = check->send_pipe->size + check->recv_pipe->size;
-
- if(!pipeLen && !check->inuse) {
- /* The check for a dead socket makes sense only if there are no
- handles in pipeline and the connection isn't already marked in
- use */
- bool dead;
- if(check->handler->protocol & CURLPROTO_RTSP)
- /* RTSP is a special case due to RTP interleaving */
- dead = Curl_rtsp_connisdead(check);
- else
- dead = SocketIsDead(check->sock[FIRSTSOCKET]);
-
- if(dead) {
- check->data = data;
- infof(data, "Connection %ld seems to be dead!\n",
- check->connection_id);
+ if(disconnect_if_dead(check, data))
+ continue;
- /* disconnect resources */
- Curl_disconnect(check, /* dead_connection */ TRUE);
- continue;
- }
- }
+ pipeLen = check->send_pipe->size + check->recv_pipe->size;
if(canPipeline) {
/* Make sure the pipe has only GET requests */
continue;
}
- if((needle->handler->protocol & CURLPROTO_FTP) ||
- ((needle->handler->protocol & CURLPROTO_HTTP) && wantNTLM)) {
- /* This is FTP or HTTP+NTLM, verify that we're using the same name
- and password as well */
- if(!strequal(needle->user, check->user) ||
- !strequal(needle->passwd, check->passwd)) {
- /* one of them was different */
- continue;
- }
- credentialsMatch = TRUE;
+ if((!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) ||
+ wantNTLMhttp) {
+ /* This protocol requires credentials per connection or is HTTP+NTLM,
+ so verify that we're using the same name and password as well */
+ if(!strequal(needle->user, check->user) ||
+ !strequal(needle->passwd, check->passwd)) {
+ /* one of them was different */
+ continue;
+ }
+#if defined(USE_NTLM)
+ credentialsMatch = TRUE;
+#endif
}
if(!needle->bits.httpproxy || needle->handler->flags&PROTOPT_SSL ||
}
if(match) {
- /* If we are looking for an NTLM connection, check if this is already
- authenticating with the right credentials. If not, keep looking so
- that we can reuse NTLM connections if possible. (Especially we
- must not reuse the same connection if partway through
- a handshake!) */
- if(wantNTLM) {
+#if defined(USE_NTLM)
+ /* If we are looking for an HTTP+NTLM connection, check if this is
+ already authenticating with the right credentials. If not, keep
+ looking so that we can reuse NTLM connections if
+ possible. (Especially we must not reuse the same connection if
+ partway through a handshake!) */
+ if(wantNTLMhttp) {
if(credentialsMatch && check->ntlm.state != NTLMSTATE_NONE) {
chosen = check;
*force_reuse = TRUE;
break;
}
- else
- continue;
+ else if(credentialsMatch)
+ /* this is a backup choice */
+ chosen = check;
+ continue;
}
+#endif
if(canPipeline) {
/* We can pipeline if we want to. Let's continue looking for
{
/* data->multi->maxconnects can be negative, deal with it. */
size_t maxconnects =
- (data->multi->maxconnects < 0) ? 0 : data->multi->maxconnects;
+ (data->multi->maxconnects < 0) ? data->multi->num_easy * 4:
+ data->multi->maxconnects;
struct connectdata *conn_candidate = NULL;
/* Mark the current connection as 'unused' */
static CURLcode ConnectionStore(struct SessionHandle *data,
struct connectdata *conn)
{
- static int connection_id_counter = 0;
-
- CURLcode result;
-
- /* Assign a number to the connection for easier tracking in the log
- output */
- conn->connection_id = connection_id_counter++;
-
- result = Curl_conncache_add_conn(data->state.conn_cache, conn);
- if(result != CURLE_OK)
- conn->connection_id = -1;
-
- return result;
+ return Curl_conncache_add_conn(data->state.conn_cache, conn);
}
/* after a TCP connection to the proxy has been verified, this function does
Note: this function's sub-functions call failf()
*/
-CURLcode Curl_connected_proxy(struct connectdata *conn)
+CURLcode Curl_connected_proxy(struct connectdata *conn,
+ int sockindex)
{
- if(!conn->bits.proxy)
+ if(!conn->bits.proxy || sockindex)
+ /* this magic only works for the primary socket as the secondary is used
+ for FTP only and it has FTP specific magic in ftp.c */
return CURLE_OK;
switch(conn->proxytype) {
return CURLE_OK;
}
-static CURLcode ConnectPlease(struct SessionHandle *data,
- struct connectdata *conn,
- bool *connected)
-{
- CURLcode result;
- Curl_addrinfo *addr;
-#ifndef CURL_DISABLE_VERBOSE_STRINGS
- char *hostname = conn->bits.proxy?conn->proxy.name:conn->host.name;
-
- infof(data, "About to connect() to %s%s port %ld (#%ld)\n",
- conn->bits.proxy?"proxy ":"",
- hostname, conn->port, conn->connection_id);
-#else
- (void)data;
-#endif
-
- /*************************************************************
- * Connect to server/proxy
- *************************************************************/
- result= Curl_connecthost(conn,
- conn->dns_entry,
- &conn->sock[FIRSTSOCKET],
- &addr,
- connected);
- if(CURLE_OK == result) {
- /* All is cool, we store the current information */
- conn->ip_addr = addr;
-
- if(*connected) {
- result = Curl_connected_proxy(conn);
- if(!result) {
- conn->bits.tcpconnect[FIRSTSOCKET] = TRUE;
- Curl_pgrsTime(data, TIMER_CONNECT); /* connect done */
- }
- }
- }
-
- if(result)
- *connected = FALSE; /* mark it as not connected */
-
- return result;
-}
-
/*
* verboseconnect() displays verbose information after a connect
*/
static void fix_hostname(struct SessionHandle *data,
struct connectdata *conn, struct hostname *host)
{
+ size_t len;
+
#ifndef USE_LIBIDN
(void)data;
(void)conn;
/* set the name we use to display the host name */
host->dispname = host->name;
+
+ len = strlen(host->name);
+ if(host->name[len-1] == '.')
+ /* strip off a single trailing dot if present, primarily for SNI but
+ there's no use for it */
+ host->name[len-1]=0;
+
if(!is_ASCII_name(host->name)) {
#ifdef USE_LIBIDN
/*************************************************************
conn->sock[FIRSTSOCKET] = CURL_SOCKET_BAD; /* no file descriptor */
conn->sock[SECONDARYSOCKET] = CURL_SOCKET_BAD; /* no file descriptor */
+ conn->tempsock[0] = CURL_SOCKET_BAD; /* no file descriptor */
+ conn->tempsock[1] = CURL_SOCKET_BAD; /* no file descriptor */
conn->connection_id = -1; /* no ID */
conn->port = -1; /* unknown at this point */
+ conn->remote_port = -1; /* unknown */
/* Default protocol-independent behavior doesn't support persistent
connections, so we set this to force-close. Protocols that support
this need to set this to FALSE in their "curl_do" functions. */
- conn->bits.close = TRUE;
+ connclose(conn, "Default to force-close");
/* Store creation time to help future close decision making */
conn->created = Curl_tvnow();
conn->ip_version = data->set.ipver;
-#if defined(USE_NTLM) && defined(NTLM_WB_ENABLED)
+#if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \
+ defined(NTLM_WB_ENABLED)
conn->ntlm_auth_hlpr_socket = CURL_SOCKET_BAD;
conn->ntlm_auth_hlpr_pid = 0;
conn->challenge_header = NULL;
if(!conn->send_pipe || !conn->recv_pipe)
goto error;
-#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+#ifdef HAVE_GSSAPI
conn->data_prot = PROT_CLEAR;
#endif
/* The protocol was not found in the table, but we don't have to assign it
to anything since it is already assigned to a dummy-struct in the
create_conn() function when the connectdata struct is allocated. */
- failf(data, "Protocol %s not supported or disabled in " LIBCURL_NAME,
+ failf(data, "Protocol \"%s\" not supported or disabled in " LIBCURL_NAME,
protostr);
return CURLE_UNSUPPORTED_PROTOCOL;
static CURLcode parseurlandfillconn(struct SessionHandle *data,
struct connectdata *conn,
bool *prot_missing,
- char *user, char *passwd, char *options)
+ char **userp, char **passwdp,
+ char **optionsp)
{
char *at;
char *fragment;
char *path = data->state.path;
char *query;
int rc;
- char protobuf[16];
- const char *protop;
+ char protobuf[16] = "";
+ const char *protop = "";
CURLcode result;
bool rebuild_url = FALSE;
*prot_missing = FALSE;
+ /* We might pass the entire URL into the request so we need to make sure
+ * there are no bad characters in there.*/
+ if(strpbrk(data->change.url, "\r\n")) {
+ failf(data, "Illegal characters found in URL");
+ return CURLE_URL_MALFORMAT;
+ }
+
/*************************************************************
* Parse the URL.
*
* Parse the login details from the URL and strip them out of
* the host name
*/
- result = parse_url_login(data, conn, user, passwd, options);
- if(result != CURLE_OK)
+ result = parse_url_login(data, conn, userp, passwdp, optionsp);
+ if(result)
return result;
if(conn->host.name[0] == '[') {
/* This looks like an IPv6 address literal. See if there is an address
- scope. */
- char *percent = strstr (conn->host.name, "%25");
+ scope if there is no location header */
+ char *percent = strchr(conn->host.name, '%');
if(percent) {
+ unsigned int identifier_offset = 3;
char *endp;
- unsigned long scope = strtoul (percent + 3, &endp, 10);
+ unsigned long scope;
+ if(strncmp("%25", percent, 3) != 0) {
+ infof(data,
+ "Please URL encode %% as %%25, see RFC 6874.\n");
+ identifier_offset = 1;
+ }
+ scope = strtoul(percent + identifier_offset, &endp, 10);
if(*endp == ']') {
/* The address scope was well formed. Knock it out of the
hostname. */
memmove(percent, endp, strlen(endp)+1);
- if(!data->state.this_is_a_follow)
- /* Don't honour a scope given in a Location: header */
- conn->scope = (unsigned int)scope;
+ conn->scope_id = (unsigned int)scope;
+ }
+ else {
+ /* Zone identifier is not numeric */
+#if defined(HAVE_NET_IF_H) && defined(IFNAMSIZ) && defined(HAVE_IF_NAMETOINDEX)
+ char ifname[IFNAMSIZ + 2];
+ char *square_bracket;
+ unsigned int scopeidx = 0;
+ strncpy(ifname, percent + identifier_offset, IFNAMSIZ + 2);
+ /* Ensure nullbyte termination */
+ ifname[IFNAMSIZ + 1] = '\0';
+ square_bracket = strchr(ifname, ']');
+ if(square_bracket) {
+ /* Remove ']' */
+ *square_bracket = '\0';
+ scopeidx = if_nametoindex(ifname);
+ if(scopeidx == 0) {
+ infof(data, "Invalid network interface: %s; %s\n", ifname,
+ strerror(errno));
+ }
+ }
+ if(scopeidx > 0) {
+ char *p = percent + identifier_offset + strlen(ifname);
+
+ /* Remove zone identifier from hostname */
+ memmove(percent, p, strlen(p) + 1);
+ conn->scope_id = scopeidx;
+ }
+ else
+#endif /* HAVE_NET_IF_H && IFNAMSIZ */
+ infof(data, "Invalid IPv6 address format\n");
}
- else
- infof(data, "Invalid IPv6 address format\n");
}
}
- if(data->set.scope)
+ if(data->set.scope_id)
/* Override any scope that was set above. */
- conn->scope = data->set.scope;
+ conn->scope_id = data->set.scope_id;
/* Remove the fragment part of the path. Per RFC 2396, this is always the
last part of the URI. We are looking for the first '#' so that we deal
free(s->range);
if(s->resume_from)
- s->range = aprintf("%" FORMAT_OFF_TU "-", s->resume_from);
+ s->range = aprintf("%" CURL_FORMAT_CURL_OFF_TU "-", s->resume_from);
else
s->range = strdup(data->set.str[STRING_SET_RANGE]);
}
-/***************************************************************
-* Setup connection internals specific to the requested protocol.
-* This MUST get called after proxy magic has been figured out.
-***************************************************************/
+/*
+ * setup_connection_internals() -
+ *
+ * Setup connection internals specific to the requested protocol in the
+ * SessionHandle. This is inited and setup before the connection is made but
+ * is about the particular protocol that is to be used.
+ *
+ * This MUST get called after proxy magic has been figured out.
+ */
static CURLcode setup_connection_internals(struct connectdata *conn)
{
const struct Curl_handler * p;
CURLcode result;
+ struct SessionHandle *data = conn->data;
- conn->socktype = SOCK_STREAM; /* most of them are TCP streams */
+ /* in some case in the multi state-machine, we go back to the CONNECT state
+ and then a second (or third or...) call to this function will be made
+ without doing a DISCONNECT or DONE in between (since the connection is
+ yet in place) and therefore this function needs to first make sure
+ there's no lingering previous data allocated. */
+ Curl_free_request_state(data);
+
+ memset(&data->req, 0, sizeof(struct SingleRequest));
+ data->req.maxdownload = -1;
- /* Scan protocol handler table. */
+ conn->socktype = SOCK_STREAM; /* most of them are TCP streams */
/* Perform setup complement if some. */
p = conn->handler;
if(p->setup_connection) {
result = (*p->setup_connection)(conn);
- if(result != CURLE_OK)
+ if(result)
return result;
p = conn->handler; /* May have changed. */
/* we check for -1 here since if proxy was detected already, this
was very likely already set to the proxy port */
conn->port = p->defport;
- conn->remote_port = (unsigned short)conn->given->defport;
+
+ /* only if remote_port was not already parsed off the URL we use the
+ default port number */
+ if(conn->remote_port < 0)
+ conn->remote_port = (unsigned short)conn->given->defport;
return CURLE_OK;
}
+/*
+ * Curl_free_request_state() should free temp data that was allocated in the
+ * SessionHandle for this single request.
+ */
+
+void Curl_free_request_state(struct SessionHandle *data)
+{
+ Curl_safefree(data->req.protop);
+ Curl_safefree(data->req.newurl);
+}
+
+
#ifndef CURL_DISABLE_PROXY
/****************************************************************
* Checks if the host is in the noproxy list. returns true if it matches
prox=curl_getenv(proxy_env);
}
- if(prox && *prox) { /* don't count "" strings */
+ if(prox)
proxy = prox; /* use this */
- }
else {
proxy = curl_getenv("all_proxy"); /* default proxy to use */
if(!proxy)
/* Is there a username and password given in this proxy url? */
atsign = strchr(proxyptr, '@');
if(atsign) {
- CURLcode res = CURLE_OK;
char *proxyuser = NULL;
char *proxypasswd = NULL;
-
- res = parse_login_details(proxyptr, atsign - proxyptr,
- &proxyuser, &proxypasswd, NULL);
- if(!res) {
+ CURLcode result =
+ parse_login_details(proxyptr, atsign - proxyptr,
+ &proxyuser, &proxypasswd, NULL);
+ if(!result) {
/* found user and password, rip them out. note that we are
unescaping them, as there is otherwise no way to have a
username or password with reserved characters like ':' in
conn->proxyuser = strdup("");
if(!conn->proxyuser)
- res = CURLE_OUT_OF_MEMORY;
+ result = CURLE_OUT_OF_MEMORY;
else {
Curl_safefree(conn->proxypasswd);
if(proxypasswd && strlen(proxypasswd) < MAX_CURL_PASSWORD_LENGTH)
conn->proxypasswd = strdup("");
if(!conn->proxypasswd)
- res = CURLE_OUT_OF_MEMORY;
+ result = CURLE_OUT_OF_MEMORY;
}
- if(!res) {
+ if(!result) {
conn->bits.proxy_user_passwd = TRUE; /* enable it */
atsign++; /* the right side of the @-letter */
- if(atsign)
- proxyptr = atsign; /* now use this instead */
- else
- res = CURLE_OUT_OF_MEMORY;
+ proxyptr = atsign; /* now use this instead */
}
}
Curl_safefree(proxyuser);
Curl_safefree(proxypasswd);
- if(res)
- return res;
+ if(result)
+ return result;
}
/* start scanning for port number at this point */
portptr = proxyptr;
- /* detect and extract RFC2732-style IPv6-addresses */
+ /* detect and extract RFC6874-style IPv6-addresses */
if(*proxyptr == '[') {
char *ptr = ++proxyptr; /* advance beyond the initial bracket */
- while(*ptr && (ISXDIGIT(*ptr) || (*ptr == ':') || (*ptr == '%') ||
- (*ptr == '.')))
+ while(*ptr && (ISXDIGIT(*ptr) || (*ptr == ':') || (*ptr == '.')))
ptr++;
+ if(*ptr == '%') {
+ /* There might be a zone identifier */
+ if(strncmp("%25", ptr, 3))
+ infof(data, "Please URL encode %% as %%25, see RFC 6874.\n");
+ ptr++;
+ /* Allow unresered characters as defined in RFC 3986 */
+ while(*ptr && (ISALPHA(*ptr) || ISXDIGIT(*ptr) || (*ptr == '-') ||
+ (*ptr == '.') || (*ptr == '_') || (*ptr == '~')))
+ ptr++;
+ }
if(*ptr == ']')
/* yeps, it ended nicely with a bracket as well */
*ptr++ = 0;
*/
static CURLcode parse_url_login(struct SessionHandle *data,
struct connectdata *conn,
- char *user, char *passwd, char *options)
+ char **user, char **passwd, char **options)
{
CURLcode result = CURLE_OK;
char *userp = NULL;
char *ptr = strchr(conn->host.name, '@');
char *login = conn->host.name;
- user[0] = 0; /* to make everything well-defined */
- passwd[0] = 0;
- options[0] = 0;
+ DEBUGASSERT(!**user);
+ DEBUGASSERT(!**passwd);
+ DEBUGASSERT(!**options);
+
+ if(!ptr)
+ goto out;
/* We will now try to extract the
* possible login information in a string like:
* ftp://user:password@ftp.my.site:8021/README */
- if(ptr) {
- /* There's login information to the left of the @ */
-
- conn->host.name = ++ptr;
-
- /* So the hostname is sane. Only bother interpreting the
- * results if we could care. It could still be wasted
- * work because it might be overtaken by the programmatically
- * set user/passwd, but doing that first adds more cases here :-(
- */
+ conn->host.name = ++ptr;
- if(data->set.use_netrc != CURL_NETRC_REQUIRED) {
- /* We could use the login information in the URL so extract it */
- result = parse_login_details(login, ptr - login - 1,
- &userp, &passwdp, &optionsp);
- if(!result) {
- if(userp) {
- char *newname;
-
- /* We have a user in the URL */
- conn->bits.userpwd_in_url = TRUE;
- conn->bits.user_passwd = TRUE; /* enable user+password */
-
- /* Decode the user */
- newname = curl_easy_unescape(data, userp, 0, NULL);
- if(!newname) {
- Curl_safefree(userp);
- Curl_safefree(passwdp);
- Curl_safefree(optionsp);
- return CURLE_OUT_OF_MEMORY;
- }
+ /* So the hostname is sane. Only bother interpreting the
+ * results if we could care. It could still be wasted
+ * work because it might be overtaken by the programmatically
+ * set user/passwd, but doing that first adds more cases here :-(
+ */
- if(strlen(newname) < MAX_CURL_USER_LENGTH)
- strcpy(user, newname);
+ if(data->set.use_netrc == CURL_NETRC_REQUIRED)
+ goto out;
- free(newname);
- }
+ /* We could use the login information in the URL so extract it */
+ result = parse_login_details(login, ptr - login - 1,
+ &userp, &passwdp, &optionsp);
+ if(result)
+ goto out;
- if(passwdp) {
- /* We have a password in the URL so decode it */
- char *newpasswd = curl_easy_unescape(data, passwdp, 0, NULL);
- if(!newpasswd) {
- Curl_safefree(userp);
- Curl_safefree(passwdp);
- Curl_safefree(optionsp);
- return CURLE_OUT_OF_MEMORY;
- }
+ if(userp) {
+ char *newname;
- if(strlen(newpasswd) < MAX_CURL_PASSWORD_LENGTH)
- strcpy(passwd, newpasswd);
+ /* We have a user in the URL */
+ conn->bits.userpwd_in_url = TRUE;
+ conn->bits.user_passwd = TRUE; /* enable user+password */
- free(newpasswd);
- }
+ /* Decode the user */
+ newname = curl_easy_unescape(data, userp, 0, NULL);
+ if(!newname) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
- if(optionsp) {
- /* We have an options list in the URL so decode it */
- char *newoptions = curl_easy_unescape(data, optionsp, 0, NULL);
- if(!newoptions) {
- Curl_safefree(userp);
- Curl_safefree(passwdp);
- Curl_safefree(optionsp);
- return CURLE_OUT_OF_MEMORY;
- }
+ free(*user);
+ *user = newname;
+ }
- if(strlen(newoptions) < MAX_CURL_OPTIONS_LENGTH)
- strcpy(options, newoptions);
+ if(passwdp) {
+ /* We have a password in the URL so decode it */
+ char *newpasswd = curl_easy_unescape(data, passwdp, 0, NULL);
+ if(!newpasswd) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
- free(newoptions);
- }
- }
+ free(*passwd);
+ *passwd = newpasswd;
+ }
- Curl_safefree(userp);
- Curl_safefree(passwdp);
- Curl_safefree(optionsp);
+ if(optionsp) {
+ /* We have an options list in the URL so decode it */
+ char *newoptions = curl_easy_unescape(data, optionsp, 0, NULL);
+ if(!newoptions) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
}
+
+ free(*options);
+ *options = newoptions;
}
+
+ out:
+
+ Curl_safefree(userp);
+ Curl_safefree(passwdp);
+ Curl_safefree(optionsp);
+
return result;
}
/* no CURLOPT_PORT given, extract the one from the URL */
char *rest;
- unsigned long port;
-
- port=strtoul(portptr+1, &rest, 10); /* Port number must be decimal */
+ long port;
- if(rest != (portptr+1) && *rest == '\0') {
- /* The colon really did have only digits after it,
- * so it is either a port number or a mistake */
+ port=strtol(portptr+1, &rest, 10); /* Port number must be decimal */
- if(port > 0xffff) { /* Single unix standard says port numbers are
- * 16 bits long */
- failf(data, "Port number too large: %lu", port);
- return CURLE_URL_MALFORMAT;
- }
+ if((port < 0) || (port > 0xffff)) {
+ /* Single unix standard says port numbers are 16 bits long */
+ failf(data, "Port number out of range");
+ return CURLE_URL_MALFORMAT;
+ }
+ else if(rest != &portptr[1]) {
*portptr = '\0'; /* cut off the name there */
conn->remote_port = curlx_ultous(port);
}
- else if(!port)
+ else
/* Browser behavior adaptation. If there's a colon with no digits after,
just cut off the name there which makes us ignore the colon and just
use the default port. Firefox and Chrome both do that. */
* Override the login details from the URL with that in the CURLOPT_USERPWD
* option or a .netrc file, if applicable.
*/
-static void override_login(struct SessionHandle *data,
- struct connectdata *conn,
- char *user, char *passwd, char *options)
+static CURLcode override_login(struct SessionHandle *data,
+ struct connectdata *conn,
+ char **userp, char **passwdp, char **optionsp)
{
if(data->set.str[STRING_USERNAME]) {
- strncpy(user, data->set.str[STRING_USERNAME], MAX_CURL_USER_LENGTH);
- user[MAX_CURL_USER_LENGTH - 1] = '\0'; /* To be on safe side */
+ free(*userp);
+ *userp = strdup(data->set.str[STRING_USERNAME]);
+ if(!*userp)
+ return CURLE_OUT_OF_MEMORY;
}
if(data->set.str[STRING_PASSWORD]) {
- strncpy(passwd, data->set.str[STRING_PASSWORD], MAX_CURL_PASSWORD_LENGTH);
- passwd[MAX_CURL_PASSWORD_LENGTH - 1] = '\0'; /* To be on safe side */
+ free(*passwdp);
+ *passwdp = strdup(data->set.str[STRING_PASSWORD]);
+ if(!*passwdp)
+ return CURLE_OUT_OF_MEMORY;
}
if(data->set.str[STRING_OPTIONS]) {
- strncpy(options, data->set.str[STRING_OPTIONS], MAX_CURL_OPTIONS_LENGTH);
- options[MAX_CURL_OPTIONS_LENGTH - 1] = '\0'; /* To be on safe side */
+ free(*optionsp);
+ *optionsp = strdup(data->set.str[STRING_OPTIONS]);
+ if(!*optionsp)
+ return CURLE_OUT_OF_MEMORY;
}
conn->bits.netrc = FALSE;
if(data->set.use_netrc != CURL_NETRC_IGNORED) {
- if(Curl_parsenetrc(conn->host.name,
- user, passwd,
- data->set.str[STRING_NETRC_FILE])) {
+ int ret = Curl_parsenetrc(conn->host.name,
+ userp, passwdp,
+ data->set.str[STRING_NETRC_FILE]);
+ if(ret > 0) {
infof(data, "Couldn't find host %s in the "
DOT_CHAR "netrc file; using defaults\n",
conn->host.name);
}
+ else if(ret < 0 ) {
+ return CURLE_OUT_OF_MEMORY;
+ }
else {
/* set bits.netrc TRUE to remember that we got the name from a .netrc
file, so that it is safe to use even if we followed a Location: to a
conn->bits.user_passwd = TRUE; /* enable user+password */
}
}
+
+ return CURLE_OK;
}
/*
- * Set password so it's available in the connection.
+ * Set the login details so they're available in the connection
*/
static CURLcode set_login(struct connectdata *conn,
const char *user, const char *passwd,
/* set a pointer to the hostname we display */
fix_hostname(data, conn, &conn->host);
+#ifdef USE_UNIX_SOCKETS
+ if(data->set.str[STRING_UNIX_SOCKET_PATH]) {
+ /* Unix domain sockets are local. The host gets ignored, just use the
+ * specified domain socket address. Do not cache "DNS entries". There is
+ * no DNS involved and we already have the filesystem path available */
+ const char *path = data->set.str[STRING_UNIX_SOCKET_PATH];
+
+ hostaddr = calloc(1, sizeof(struct Curl_dns_entry));
+ if(!hostaddr)
+ result = CURLE_OUT_OF_MEMORY;
+ else if((hostaddr->addr = Curl_unix2addr(path)) != NULL)
+ hostaddr->inuse++;
+ else {
+ /* Long paths are not supported for now */
+ if(strlen(path) >= sizeof(((struct sockaddr_un *)0)->sun_path)) {
+ failf(data, "Unix socket path too long: '%s'", path);
+ result = CURLE_COULDNT_RESOLVE_HOST;
+ }
+ else
+ result = CURLE_OUT_OF_MEMORY;
+ free(hostaddr);
+ hostaddr = NULL;
+ }
+ }
+ else
+#endif
if(!conn->proxy.name || !*conn->proxy.name) {
/* If not connecting via a proxy, extract the port from the URL, if it is
* there, thus overriding any defaults that might have been set above. */
struct connectdata *conn;
struct connectdata *conn_temp = NULL;
size_t urllen;
- char user[MAX_CURL_USER_LENGTH];
- char passwd[MAX_CURL_PASSWORD_LENGTH];
- char options[MAX_CURL_OPTIONS_LENGTH];
+ char *user = NULL;
+ char *passwd = NULL;
+ char *options = NULL;
bool reuse;
char *proxy = NULL;
bool prot_missing = FALSE;
bool no_connections_available = FALSE;
- bool force_reuse;
+ bool force_reuse = FALSE;
size_t max_host_connections = Curl_multi_max_host_connections(data->multi);
size_t max_total_connections = Curl_multi_max_total_connections(data->multi);
* Check input data
*************************************************************/
- if(!data->change.url)
- return CURLE_URL_MALFORMAT;
+ if(!data->change.url) {
+ result = CURLE_URL_MALFORMAT;
+ goto out;
+ }
/* First, split up the current URL in parts so that we can use the
parts for checking against the already present connections. In order
connection data struct and fill in for comparison purposes. */
conn = allocate_conn(data);
- if(!conn)
- return CURLE_OUT_OF_MEMORY;
+ if(!conn) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
/* We must set the return variable as soon as possible, so that our
parent can cleanup any possible allocs we may have done before
data->state.path = NULL;
data->state.pathbuffer = malloc(urllen+2);
- if(NULL == data->state.pathbuffer)
- return CURLE_OUT_OF_MEMORY; /* really bad error */
+ if(NULL == data->state.pathbuffer) {
+ result = CURLE_OUT_OF_MEMORY; /* really bad error */
+ goto out;
+ }
data->state.path = data->state.pathbuffer;
conn->host.rawalloc = malloc(urllen+2);
if(NULL == conn->host.rawalloc) {
Curl_safefree(data->state.pathbuffer);
data->state.path = NULL;
- return CURLE_OUT_OF_MEMORY;
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
}
conn->host.name = conn->host.rawalloc;
conn->host.name[0] = 0;
- result = parseurlandfillconn(data, conn, &prot_missing, user, passwd,
- options);
- if(result != CURLE_OK)
- return result;
+ user = strdup("");
+ passwd = strdup("");
+ options = strdup("");
+ if(!user || !passwd || !options) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
+
+ result = parseurlandfillconn(data, conn, &prot_missing, &user, &passwd,
+ &options);
+ if(result)
+ goto out;
/*************************************************************
* No protocol part in URL was used, add it!
reurl = aprintf("%s://%s", conn->handler->scheme, data->change.url);
if(!reurl) {
- Curl_safefree(proxy);
- return CURLE_OUT_OF_MEMORY;
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
}
if(data->change.url_alloc) {
/*************************************************************
* If the protocol can't handle url query strings, then cut
- * of the unhandable part
+ * off the unhandable part
*************************************************************/
if((conn->given->flags&PROTOPT_NOURLQUERY)) {
char *path_q_sep = strchr(conn->data->state.path, '?');
}
}
+ if(data->set.str[STRING_BEARER]) {
+ conn->xoauth2_bearer = strdup(data->set.str[STRING_BEARER]);
+ if(!conn->xoauth2_bearer) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
+ }
+
#ifndef CURL_DISABLE_PROXY
/*************************************************************
* Extract the user and password from the authentication string
*************************************************************/
if(conn->bits.proxy_user_passwd) {
result = parse_proxy_auth(data, conn);
- if(result != CURLE_OK)
- return result;
+ if(result)
+ goto out;
}
/*************************************************************
/* if global proxy is set, this is it */
if(NULL == proxy) {
failf(data, "memory shortage");
- return CURLE_OUT_OF_MEMORY;
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
}
}
else if(!proxy)
proxy = detect_proxy(conn);
+#ifdef USE_UNIX_SOCKETS
+ if(proxy && data->set.str[STRING_UNIX_SOCKET_PATH]) {
+ free(proxy); /* Unix domain sockets cannot be proxied, so disable it */
+ proxy = NULL;
+ }
+#endif
+
if(proxy && (!*proxy || (conn->handler->flags & PROTOPT_NONETWORK))) {
free(proxy); /* Don't bother with an empty proxy string or if the
protocol doesn't work with network */
if(proxy) {
result = parse_proxy(data, conn, proxy);
- free(proxy); /* parse_proxy copies the proxy string */
+ Curl_safefree(proxy); /* parse_proxy copies the proxy string */
if(result)
- return result;
+ goto out;
if((conn->proxytype == CURLPROXY_HTTP) ||
(conn->proxytype == CURLPROXY_HTTP_1_0)) {
#ifdef CURL_DISABLE_HTTP
/* asking for a HTTP proxy is a bit funny when HTTP is disabled... */
- return CURLE_UNSUPPORTED_PROTOCOL;
+ result = CURLE_UNSUPPORTED_PROTOCOL;
+ goto out;
#else
/* force this connection's protocol to become HTTP if not already
compatible - if it isn't tunneling through */
- if(!(conn->handler->protocol & CURLPROTO_HTTP) &&
+ if(!(conn->handler->protocol & PROTO_FAMILY_HTTP) &&
!conn->bits.tunnel_proxy)
conn->handler = &Curl_handler_http;
#endif /* CURL_DISABLE_PROXY */
/*************************************************************
+ * If the protocol is using SSL and HTTP proxy is used, we set
+ * the tunnel_proxy bit.
+ *************************************************************/
+ if((conn->given->flags&PROTOPT_SSL) && conn->bits.httpproxy)
+ conn->bits.tunnel_proxy = TRUE;
+
+ /*************************************************************
+ * Figure out the remote port number and fix it in the URL
+ *************************************************************/
+ result = parse_remote_port(data, conn);
+ if(result)
+ goto out;
+
+ /* Check for overridden login details and set them accordingly so they
+ they are known when protocol->setup_connection is called! */
+ result = override_login(data, conn, &user, &passwd, &options);
+ if(result)
+ goto out;
+ result = set_login(conn, user, passwd, options);
+ if(result)
+ goto out;
+
+ /*************************************************************
* Setup internals depending on protocol. Needs to be done after
* we figured out what/if proxy to use.
*************************************************************/
result = setup_connection_internals(conn);
- if(result != CURLE_OK) {
- Curl_safefree(proxy);
- return result;
- }
+ if(result)
+ goto out;
conn->recv[FIRSTSOCKET] = Curl_recv_plain;
conn->send[FIRSTSOCKET] = Curl_send_plain;
result = conn->handler->connect_it(conn, &done);
/* Setup a "faked" transfer that'll do nothing */
- if(CURLE_OK == result) {
+ if(!result) {
conn->data = data;
conn->bits.tcpconnect[FIRSTSOCKET] = TRUE; /* we are "connected */
DEBUGASSERT(conn->handler->done);
/* we ignore the return code for the protocol-specific DONE */
(void)conn->handler->done(conn, result, FALSE);
- return result;
+ goto out;
}
Curl_setup_transfer(conn, -1, -1, FALSE, NULL, /* no download */
}
/* since we skip do_init() */
- Curl_speedinit(data);
+ do_init(conn);
- return result;
+ goto out;
}
#endif
- /*************************************************************
- * If the protocol is using SSL and HTTP proxy is used, we set
- * the tunnel_proxy bit.
- *************************************************************/
- if((conn->given->flags&PROTOPT_SSL) && conn->bits.httpproxy)
- conn->bits.tunnel_proxy = TRUE;
-
- /*************************************************************
- * Figure out the remote port number and fix it in the URL
- *************************************************************/
- result = parse_remote_port(data, conn);
- if(result != CURLE_OK)
- return result;
-
- /* Check for overridden login details and set them accordingly */
- override_login(data, conn, user, passwd, options);
- result = set_login(conn, user, passwd, options);
- if(result != CURLE_OK)
- return result;
-
/* Get a cloned copy of the SSL config situation stored in the
connection struct. But to get this going nicely, we must first make
sure that the strings in the master copy are pointing to the correct
data->set.ssl.password = data->set.str[STRING_TLSAUTH_PASSWORD];
#endif
- if(!Curl_clone_ssl_config(&data->set.ssl, &conn->ssl_config))
- return CURLE_OUT_OF_MEMORY;
+ if(!Curl_clone_ssl_config(&data->set.ssl, &conn->ssl_config)) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
+
+ prune_dead_connections(data);
/*************************************************************
* Check the current list of connections to see if we can
conn_free(conn);
*in_connect = NULL;
- return CURLE_NO_CONNECTION_AVAILABLE;
+ result = CURLE_NO_CONNECTION_AVAILABLE;
+ goto out;
}
else {
/*
*/
ConnectionStore(data, conn);
}
+
+#if defined(USE_NTLM)
+ /* If NTLM is requested in a part of this connection, make sure we don't
+ assume the state is fine as this is a fresh connection and NTLM is
+ connection based. */
+ if((data->state.authhost.picked & (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
+ data->state.authhost.done) {
+ infof(data, "NTLM picked AND auth done set, clear picked!\n");
+ data->state.authhost.picked = CURLAUTH_NONE;
+ }
+
+ if((data->state.authproxy.picked & (CURLAUTH_NTLM | CURLAUTH_NTLM_WB)) &&
+ data->state.authproxy.done) {
+ infof(data, "NTLM-proxy picked AND auth done set, clear picked!\n");
+ data->state.authproxy.picked = CURLAUTH_NONE;
+ }
+#endif
}
/* Mark the connection as used */
*/
result = setup_range(data);
if(result)
- return result;
+ goto out;
/* Continue connectdata initialization here. */
*************************************************************/
result = resolve_server(data, conn, async);
+ out:
+
+ Curl_safefree(options);
+ Curl_safefree(passwd);
+ Curl_safefree(user);
+ Curl_safefree(proxy);
return result;
}
is later set again for the progress meter purpose */
conn->now = Curl_tvnow();
- for(;;) {
- /* loop for CURL_SERVER_CLOSED_CONNECTION */
-
- if(CURL_SOCKET_BAD == conn->sock[FIRSTSOCKET]) {
- /* Try to connect only if not already connected */
- bool connected = FALSE;
-
- result = ConnectPlease(data, conn, &connected);
-
- if(result && !conn->ip_addr) {
- /* transport connection failure not related with authentication */
- conn->bits.tcpconnect[FIRSTSOCKET] = FALSE;
- return result;
- }
-
- if(connected) {
- result = Curl_protocol_connect(conn, protocol_done);
- if(CURLE_OK == result)
- conn->bits.tcpconnect[FIRSTSOCKET] = TRUE;
- }
- else
- conn->bits.tcpconnect[FIRSTSOCKET] = FALSE;
-
- /* if the connection was closed by the server while exchanging
- authentication informations, retry with the new set
- authentication information */
- if(conn->bits.proxy_connect_closed) {
- /* reset the error buffer */
- if(data->set.errorbuffer)
- data->set.errorbuffer[0] = '\0';
- data->state.errorbuf = FALSE;
- continue;
- }
-
- if(CURLE_OK != result)
- return result;
- }
- else {
- Curl_pgrsTime(data, TIMER_CONNECT); /* we're connected already */
- Curl_pgrsTime(data, TIMER_APPCONNECT); /* we're connected already */
- conn->bits.tcpconnect[FIRSTSOCKET] = TRUE;
- *protocol_done = TRUE;
- Curl_verboseconnect(conn);
- Curl_updateconninfo(conn, conn->sock[FIRSTSOCKET]);
- }
- /* Stop the loop now */
- break;
+ if(CURL_SOCKET_BAD == conn->sock[FIRSTSOCKET]) {
+ conn->bits.tcpconnect[FIRSTSOCKET] = FALSE;
+ result = Curl_connecthost(conn, conn->dns_entry);
+ if(result)
+ return result;
+ }
+ else {
+ Curl_pgrsTime(data, TIMER_CONNECT); /* we're connected already */
+ Curl_pgrsTime(data, TIMER_APPCONNECT); /* we're connected already */
+ conn->bits.tcpconnect[FIRSTSOCKET] = TRUE;
+ *protocol_done = TRUE;
+ Curl_updateconninfo(conn, conn->sock[FIRSTSOCKET]);
+ Curl_verboseconnect(conn);
}
conn->now = Curl_tvnow(); /* time this *after* the connect is done, we
bool *asyncp,
bool *protocol_done)
{
- CURLcode code;
+ CURLcode result;
*asyncp = FALSE; /* assume synchronous resolves by default */
/* call the stuff that needs to be called */
- code = create_conn(data, in_connect, asyncp);
+ result = create_conn(data, in_connect, asyncp);
- if(CURLE_OK == code) {
+ if(!result) {
/* no error */
if((*in_connect)->send_pipe->size || (*in_connect)->recv_pipe->size)
/* pipelining */
/* DNS resolution is done: that's either because this is a reused
connection, in which case DNS was unnecessary, or because DNS
really did finish already (synch resolver/fast async resolve) */
- code = Curl_setup_conn(*in_connect, protocol_done);
+ result = Curl_setup_conn(*in_connect, protocol_done);
}
}
- if(code == CURLE_NO_CONNECTION_AVAILABLE) {
+ if(result == CURLE_NO_CONNECTION_AVAILABLE) {
*in_connect = NULL;
- return code;
+ return result;
}
- if(code && *in_connect) {
+ if(result && *in_connect) {
/* We're not allowed to return failure with memory left allocated
in the connectdata struct, free those here */
Curl_disconnect(*in_connect, FALSE); /* close the connection */
*in_connect = NULL; /* return a NULL */
}
- return code;
+ return result;
}
CURLcode Curl_done(struct connectdata **connp,
conn->dns_entry = NULL;
}
- if(status == CURLE_ABORTED_BY_CALLBACK)
+ switch(status) {
+ case CURLE_ABORTED_BY_CALLBACK:
+ case CURLE_READ_ERROR:
+ case CURLE_WRITE_ERROR:
/* When we're aborted due to a callback return code it basically have to
be counted as premature as there is trouble ahead if we don't. We have
many callbacks and protocols work differently, we could potentially do
this more fine-grained in the future. */
premature = TRUE;
+ default:
+ break;
+ }
/* this calls the protocol-specific function pointer previously set */
if(conn->handler->done)
result = conn->handler->done(conn, status, premature);
else
- result = CURLE_OK;
+ result = status;
- if(Curl_pgrsDone(conn) && !result)
+ if(!result && Curl_pgrsDone(conn))
result = CURLE_ABORTED_BY_CALLBACK;
/* if the transfer was completed in a paused state there can be buffered
}
/* if data->set.reuse_forbid is TRUE, it means the libcurl client has
- forced us to close this no matter what we think.
+ forced us to close this connection. This is ignored for requests taking
+ place in a NTLM authentication handshake
if conn->bits.close is TRUE, it means that the connection should be
closed in spite of all our efforts to be nice, due to protocol
we can add code that keep track of if we really must close it here or not,
but currently we have no such detail knowledge.
*/
- if(data->set.reuse_forbid || conn->bits.close || premature) {
+
+ if((data->set.reuse_forbid
+#if defined(USE_NTLM)
+ && !(conn->ntlm.state == NTLMSTATE_TYPE2 ||
+ conn->proxyntlm.state == NTLMSTATE_TYPE2)
+#endif
+ ) || conn->bits.close || premature) {
CURLcode res2 = Curl_disconnect(conn, premature); /* close connection */
/* If we had an error already, make sure we return that one. But
this was either closed or handed over to the connection
cache here, and therefore cannot be used from this point on
*/
+ Curl_free_request_state(data);
return result;
}
HTTP. */
data->set.httpreq = HTTPREQ_GET;
- /* NB: the content encoding software depends on this initialization */
- Curl_easy_initHandleData(data);
-
k->start = Curl_tvnow(); /* start time */
k->now = k->start; /* current time is now */
k->header = TRUE; /* assume header */
if(!data->multi) {
result = Curl_reconnect_request(connp);
- if(result == CURLE_OK) {
+ if(!result) {
/* ... finally back to actually retry the DO phase */
conn = *connp; /* re-assign conn since Curl_reconnect_request
creates a new connection */
return result;
}
- if((result == CURLE_OK) && *done)
+ if(!result && *done)
/* do_complete must be called after the protocol-specific DO function */
do_complete(conn);
}
return result;
}
-
-/* Called on connect, and if there's already a protocol-specific struct
- allocated for a different connection, this frees it that it can be setup
- properly later on. */
-void Curl_reset_reqproto(struct connectdata *conn)
-{
- struct SessionHandle *data = conn->data;
-
- Curl_safefree(data->state.proto.generic);
- data->state.proto.generic = NULL;
-}