aboutsummaryrefslogtreecommitdiff
path: root/lib/connect.c
AgeCommit message (Collapse)Author
2017-03-13Improve code readbilitySylvestre Ledru
... by removing the else branch after a return, break or continue. Closes #1310
2016-12-19http_proxy: Fix proxy CONNECT hang on pending dataJay Satiro
- Check for pending data before waiting on the socket. Bug: https://github.com/curl/curl/issues/1156 Reported-by: Adam Langley
2016-12-18Curl_getconnectinfo: avoid checking if the connection is closedIsaac Boukris
It doesn't benefit us much as the connection could get closed at any time, and also by checking we lose the ability to determine if the socket was closed by reading zero bytes. Reported-by: Michael Kaufmann Closes https://github.com/curl/curl/pull/1134
2016-12-13checksrc: stricter no-space-before-paren enforcementDaniel Stenberg
In order to make the code style more uniform everywhere
2016-11-25add CURLINFO_SCHEME, CURLINFO_PROTOCOL, and %{scheme}Frank Gevaerts
Adds access to the effectively used protocol/scheme to both libcurl and curl, both in string and numeric (CURLPROTO_*) form. Note that the string form will be uppercase, as it is just the internal string. As these strings are declared internally as const, and all other strings returned by curl_easy_getinfo() are de-facto const as well, string handling in getinfo.c got const-ified. Closes #1137
2016-11-24checksrc: white space edits to comply to stricter checksrcDaniel Stenberg
2016-11-24checksrc: code style: use 'char *name' styleDaniel Stenberg
2016-11-24proxy: Support HTTPS proxy and SOCKS+HTTP(s)Alex Rousskov
* HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
2016-11-18lib: fix compiler warnings after de4de4e3c7cMarcel Raad
Visual C++ now complains about implicitly casting time_t (64-bit) to long (32-bit). Fix this by changing some variables from long to time_t, or explicitly casting to long where the public interface would be affected. Closes #1131
2016-10-18select: switch to macros in uppercaseDaniel Stenberg
Curl_select_ready() was the former API that was replaced with Curl_select_check() a while back and the former arg setup was provided with a define (in order to leave existing code unmodified). Now we instead offer SOCKET_READABLE and SOCKET_WRITABLE for the most common shortcuts where only one socket is checked. They're also more visibly macros.
2016-10-16win: fix Universal Windows Platform buildMarcel Raad
This fixes a merge error in commit 7f3df80 caused by commit 332e8d6. Additionally, this changes Curl_verify_windows_version for Windows App builds to assume to always be running on the target Windows version. There seems to be no way to determine the Windows version from a UWP app. Neither GetVersion(Ex), nor VerifyVersionInfo, nor the Version Helper functions are supported. Bug: https://github.com/curl/curl/pull/820#issuecomment-250889878 Reported-by: Paul Joyce Closes https://github.com/curl/curl/pull/1048
2016-08-30connect: fix #ifdefs for debug versions of conn/streamclose() macrosDaniel Stenberg
CURLDEBUG is for the memory debugging DEBUGBUILD is for the extra debug stuff Pointed-out-by: Steve Holme
2016-08-28http2: make sure stream errors don't needlessly close the connectionDaniel Stenberg
With HTTP/2 each transfer is made in an indivial logical stream over the connection, making most previous errors that caused the connection to get forced-closed now instead just kill the stream and not the connection. Fixes #941
2016-08-21win: Basic support for Universal Windows Platform appsMarco Deckel
Closes #820
2016-07-20connect: disable TFO on Linux when using SSLJay Satiro
- Linux TFO + TLS is not implemented yet. Bug: https://github.com/curl/curl/issues/907
2016-06-22internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg
2016-06-04connect.c: Fixed compilation warning from commit 332e8d6164Steve Holme
connect.c:952:5: warning: suggest explicit braces to avoid ambiguous 'else'
2016-06-04win32: Used centralised verify windows version functionSteve Holme
Closes #845
2016-05-08connect: fix invalid "Network is unreachable" errorsAntonio Larrosa
Sometimes, in systems with both ipv4 and ipv6 addresses but where the network doesn't support ipv6, Curl_is_connected returns an error (intermittently) even if the ipv4 socket connects successfully. This happens because there's a for-loop that iterates on the sockets but the error variable is not resetted when the ipv4 is checked and is ok. This patch fixes this problem by setting error to 0 when checking the second socket and not having a result yet. Fixes #794
2016-04-29lib: include curl_printf.h as one of the last headersDaniel Stenberg
curl_printf.h defines printf to curl_mprintf, etc. This can cause problems with external headers which may use __attribute__((format(printf, ...))) markers etc. To avoid that they cause problems with system includes, we include curl_printf.h after any system headers. That makes the three last headers to always be, and we keep them in this order: curl_printf.h curl_memory.h memdebug.h None of them include system headers, they all do funny #defines. Reported-by: David Benjamin Fixes #743
2016-04-19connect: make sure that rc is initialized in singleipconnect()Kamil Dudka
This commit fixes a Clang warning introduced in curl-7_48_0-190-g8f72b13: Error: CLANG_WARNING: lib/connect.c:1120:11: warning: The right operand of '==' is a garbage value 1118| } 1119| 1120|-> if(-1 == rc) 1121| error = SOCKERRNO; 1122| }
2016-04-18connect: implement TCP Fast Open for LinuxAlessandro Ghedini
Closes #660
2016-04-18connect: implement TCP Fast Open for OS XAlessandro Ghedini
2016-04-17news: CURLOPT_CONNECT_TO and --connect-toMichael Kaufmann
Makes curl connect to the given host+port instead of the host+port found in the URL.
2016-03-20connect/ntlm/http: Fixed compilation warnings when verbose strings disabledSteve Holme
warning C4189: 'data': local variable is initialized but not referenced
2016-02-04URLs: change more http to httpsViktor Szakats
2016-02-03URLs: change all http:// URLs to https://Daniel Stenberg
2015-11-16getconnectinfo: Don't call recv(2) if socket == -1Anders Bakken
Closes #528
2015-09-27http2: set TCP_NODELAY unconditionallyDaniel Stenberg
For a single-stream download from localhost, we managed to increase transfer speed from 1.6MB/sec to around 400MB/sec, mostly because of this single fix.
2015-09-26build: fix failures with -Wcast-align and -WerrorTatsuhiro Tsujikawa
Closes #457
2015-08-01win32: Fix compilation warnings from commit 40c921f8b8Steve Holme
connect.c:953:5: warning: initializer element is not computable at load time connect.c:953:5: warning: missing initializer for field 'dwMinorVersion' of 'OSVERSIONINFOEX' curl_sspi.c:97:5: warning: initializer element is not computable at load time curl_sspi.c:97:5: warning: missing initializer for field 'szCSDVersion' of 'OSVERSIONINFOEX'
2015-07-22Windows: Fix VerifyVersionInfo callsJay Satiro
- Fix the VerifyVersionInfo calls, which we use to test for the OS major version, to also test for the minor version as well as the service pack major and minor versions. MSDN: "If you are testing the major version, you must also test the minor version and the service pack major and minor versions." https://msdn.microsoft.com/en-us/library/windows/desktop/ms725492.aspx Bug: https://github.com/bagder/curl/pull/353#issuecomment-123493098 Reported-by: Marcel Raad <MarcelRaad@users.noreply.github.com>
2015-06-09CURLOPT_OPENSOCKETFUNCTION: return error at onceDaniel Stenberg
When CURL_SOCKET_BAD is returned in the callback, it should be treated as an error (CURLE_COULDNT_CONNECT) if no other socket is subsequently created when trying to connect to a server. Bug: http://curl.haxx.se/mail/lib-2015-06/0047.html
2015-05-12connection cache: avoid Curl_hash_alloc()Daniel Stenberg
... by using plain structs instead of pointers for the connection cache, we can avoid several dynamic allocations that weren't necessary.
2015-03-24curl_memory: make curl_memory.h the second-last header file loadedDan Fandrich
This header file must be included after all header files except memdebug.h, as it does similar memory function redefinitions and can be similarly affected by conflicting definitions in system or dependent library headers.
2015-03-23curl_easy_recv/send: make them work with the multi interfaceYamada Yasuharu
By making sure Curl_getconnectinfo() uses the correct connection cache to find the last connection.
2015-03-17checksrc: use space after commaDaniel Stenberg
2015-03-16connect: Fix happy eyeballs logic for IPv4-only buildsJay Satiro
Bug: https://github.com/bagder/curl/pull/168 (trynextip) - Don't try the "other" protocol family unless IPv6 is available. In an IPv4-only build the other family can only be IPv6 which is unavailable. This change essentially stops IPv4-only builds from attempting the "happy eyeballs" secondary parallel connection that is supposed to be used by the "other" address family. Prior to this change in IPv4-only builds that secondary parallel connection attempt could be erroneously used by the same family (IPv4) which caused a bug where every address after the first for a host could be tried twice, often in parallel. This change fixes that bug. An example of the bug is shown below. Assume MTEST resolves to 3 addresses 127.0.0.2, 127.0.0.3 and 127.0.0.4: * STATE: INIT => CONNECT handle 0x64f4b0; line 1046 (connection #-5000) * Rebuilt URL to: http://MTEST/ * Added connection 0. The cache now contains 1 members * STATE: CONNECT => WAITRESOLVE handle 0x64f4b0; line 1083 (connection #0) * Trying 127.0.0.2... * STATE: WAITRESOLVE => WAITCONNECT handle 0x64f4b0; line 1163 (connection #0) * Trying 127.0.0.3... * connect to 127.0.0.2 port 80 failed: Connection refused * Trying 127.0.0.3... * connect to 127.0.0.3 port 80 failed: Connection refused * Trying 127.0.0.4... * connect to 127.0.0.3 port 80 failed: Connection refused * Trying 127.0.0.4... * connect to 127.0.0.4 port 80 failed: Connection refused * connect to 127.0.0.4 port 80 failed: Connection refused * Failed to connect to MTEST port 80: Connection refused * Closing connection 0 * The cache now contains 0 members * Expire cleared curl: (7) Failed to connect to MTEST port 80: Connection refused The bug was born in commit bagder/curl@2d435c7.
2015-03-15closesocket: call multi socket cb on close even with custom closeFrank Meier
In function Curl_closesocket() in connect.c the call to Curl_multi_closed() was wrongly omitted if a socket close function (CURLOPT_CLOSESOCKETFUNCTION) is registered. That would lead to not removing the socket from the internal hash table and not calling the multi socket callback appropriately. Bug: http://curl.haxx.se/bug/view.cgi?id=1493
2015-03-07conncontrol: only log changes to the connection bitDaniel Stenberg
2015-03-03mprintf.h: remove #ifdef CURLDEBUGDaniel Stenberg
... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
2015-02-23connect: wait for IPv4 connection attemptsKamil Dudka
... even if the last IPv6 connection attempt has failed. Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c4
2015-02-23connect: avoid skipping an IPv4 addressKamil Dudka
... in case the protocol versions are mixed in a DNS response (IPv6 -> IPv4 -> IPv6). Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1187531#c3
2015-01-20ipv6: enclose AF_INET6 uses with proper #ifdefs for ipv6Daniel Stenberg
Reported-by: Chris Young
2014-12-27code/docs: Use correct case for IPv4 and IPv6Steve Holme
For consistency, as we seem to have a bit of a mixed bag, changed all instances of ipv4 and ipv6 in comments and documentations to use the correct case.
2014-12-16IPV6: address scope != scope idPatrick Monnerat
There was a confusion between these: this commit tries to disambiguate them. - Scope can be computed from the address itself. - Scope id is scope dependent: it is currently defined as 1-based local interface index for link-local scoped addresses, and as a site index(?) for (obsolete) site-local addresses. Linux only supports it for link-local addresses. The URL parser properly parses a scope id as an interface index, but stores it in a field named "scope": confusion. The field has been renamed into "scope_id". Curl_if2ip() used the scope id as it was a scope. This caused failures to bind to an interface. Scope is now computed from the addresses and Curl_if2ip() matches them. If redundantly specified in the URL, scope id is check for mismatch with the interface index. This commit should fix SF bug #1451.
2014-12-16connect: singleipconnect(): properly try other address families after failurePatrick Monnerat
2014-12-04updateconninfo: clear destination struct before getsockname()Daniel Stenberg
Otherwise we may read uninitialized bytes later in the unix-domain sockets case.
2014-11-30lib/connect: restrict IP/TCP options to said socketsPeter Wu
This patch prepares for adding UNIX domain sockets support. TCP_NODELAY and TCP_KEEPALIVE are specific to TCP/IP sockets, so do not apply these to other socket types. bindlocal only works for IP sockets (independent of TCP/UDP), so filter that out too for other types. Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-11-19multi: inform about closed sockets before they are closedJon Spencer
When the connection code decides to close a socket it informs the multi system via the Curl_multi_closed function. The multi system may, in turn, invoke the CURLMOPT_SOCKETFUNCTION function with CURL_POLL_REMOVE. This happens after the socket has already been closed. Reorder the code so that CURL_POLL_REMOVE is called before the socket is closed.