aboutsummaryrefslogtreecommitdiff
path: root/lib/http2.c
AgeCommit message (Collapse)Author
2020-05-07http2: simplify and clean up trailer handlingDaniel Stenberg
Triggered by a crash detected by OSS-Fuzz after the dynbuf introduction in ed35d6590e72. This should make the trailer handling more straight forward and hopefully less error-prone. Deliver the trailer header to the callback already at receive-time. No longer caches the trailers to get delivered at end of stream. Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22030 Closes #5348
2020-05-04dynbuf: introduce internal generic dynamic buffer functionsDaniel Stenberg
A common set of functions instead of many separate implementations for creating buffers that can grow when appending data to them. Existing functionality has been ported over. In my early basic testing, the total number of allocations seem at roughly the same amount as before, possibly a few less. See docs/DYNBUF.md for a description of the API. Closes #5300
2020-03-18http2: Fix erroneous debug message that h2 connection closedJay Satiro
Prior to this change in libcurl debug builds http2 stream closure was erroneously referred to as connection closure. Before: * nread <= 0, server closed connection, bailing After: * nread == 0, stream closed, bailing Closes https://github.com/curl/curl/pull/5118
2020-03-07version: make curl_version* thread-safe without using global contextDaniel Stenberg
Closes #5010
2020-02-27http2: make pausing/unpausing set/clear local stream windowDaniel Stenberg
This reduces the HTTP/2 window size to 32 MB since libcurl might have to buffer up to this amount of data in memory and yet we don't want it set lower to potentially impact tranfer performance on high speed networks. Requires nghttp2 commit b3f85e2daa629 (https://github.com/nghttp2/nghttp2/pull/1444) to work properly, to end up in the next release after 1.40.0. Fixes #4939 Closes #4940
2020-02-21http2: now require nghttp2 >= 1.12.0Daniel Stenberg
To simplify our code and since earlier versions lack important function calls libcurl needs to function correctly. nghttp2 1.12.0 was relased on June 26, 2016. Closes #4961
2020-01-13ConnectionExists: respect the max_concurrent_streams limitsDaniel Stenberg
A regression made the code use 'multiplexed' as a boolean instead of the counter it is intended to be. This made curl try to "over-populate" connections with new streams. This regression came with 41fcdf71a1, shipped in curl 7.65.0. Also, respect the CURLMOPT_MAX_CONCURRENT_STREAMS value in the same check. Reported-by: Kunal Ekawde Fixes #4779 Closes #4784
2019-12-09conncache: fix multi-thread use of shared connection cacheDaniel Stenberg
It could accidentally let the connection get used by more than one thread, leading to double-free and more. Reported-by: Christopher Reid Fixes #4544 Closes #4557
2019-12-01build: Disable Visual Studio warning "conditional expression is constant"Jay Satiro
- Disable warning C4127 "conditional expression is constant" globally in curl_setup.h for when building with Microsoft's compiler. This mainly affects building with the Visual Studio project files found in the projects dir. Prior to this change the cmake and winbuild build systems already disabled 4127 globally for when building with Microsoft's compiler. Also, 4127 was already disabled for all build systems in the limited circumstance of the WHILE_FALSE macro which disabled the warning specifically for while(0). This commit removes the WHILE_FALSE macro and all other cruft in favor of disabling globally in curl_setup. Background: We have various macros that cause 0 or 1 to be evaluated, which would cause warning C4127 in Visual Studio. For example this causes it: #define Curl_resolver_asynch() 1 Full behavior is not clearly defined and inconsistent across versions. However it is documented that since VS 2015 Update 3 Microsoft has addressed this somewhat but not entirely, not warning on while(true) for example. Prior to this change some C4127 warnings occurred when I built with Visual Studio using the generated projects in the projects dir. Closes https://github.com/curl/curl/pull/4658
2019-10-30url: make Curl_close() NULLify the pointer tooDaniel Stenberg
This is the common pattern used in the code and by a unified approach we avoid mistakes. Closes #4534
2019-10-18http2_recv: a closed stream trumps pause stateDaniel Stenberg
... and thus should return 0, not EAGAIN. Reported-by: Tom van der Woerdt Fixes #4496 Closes #4505
2019-10-18http2: expire a timeout at end of streamDaniel Stenberg
To make sure that transfer is being dealt with. Streams without Content-Length need a final read to notice the end-of-stream state. Reported-by: Tom van der Woerdt Fixes #4496
2019-10-03http2: move state-init from creation to pre-transferDaniel Stenberg
To make sure that the HTTP/2 state is initialized correctly for duplicated handles. It would otherwise easily generate "spurious" PRIORITY frames to get sent over HTTP/2 connections when duplicated easy handles were used. Reported-by: Daniel Silverstone Fixes #4303 Closes #4442
2019-10-02CURLMOPT_MAX_CONCURRENT_STREAMS: new setoptKunal Ekawde
Closes #4410
2019-09-23http2: Expression 'stream->stream_id != - 1' is always trueDaniel Stenberg
PVS-Studio warning Fixes #4402
2019-09-23http2: A value is being subtracted from the unsigned variableDaniel Stenberg
PVS-Studio warning Fixes #4402
2019-09-23http: lowercase headernames for HTTP/2 and HTTP/3Barry Pollard
Closes #4401 Fixes #4400
2019-09-16http2: relax verification of :authority in push promise requestsChristoph M. Becker
If the :authority pseudo header field doesn't contain an explicit port, we assume it is valid for the default port, instead of rejecting the request for all ports. Ref: https://curl.haxx.se/mail/lib-2019-09/0041.html Closes #4365
2019-08-26http2: when marked for closure and wanted to close == OKDaniel Stenberg
It could otherwise return an error even when closed correctly if GOAWAY had been received previously. Reported-by: Tom van der Woerdt Fixes #4267 Closes #4268
2019-08-01timediff: make it 64 bit (if possible) even with 32 bit time_tDaniel Stenberg
... to make it hold microseconds too. Fixes #4165 Closes #4168
2019-07-30cleanup: remove the 'numsocks' argument used in many placesDaniel Stenberg
It was used (intended) to pass in the size of the 'socks' array that is also passed to these functions, but was rarely actually checked/used and the array is defined to a fixed size of MAX_SOCKSPEREASYHANDLE entries that should be used instead. Closes #4169
2019-07-29http2_recv: trigger another read when the last data is returnedDaniel Stenberg
... so that end-of-stream is detected properly. Reported-by: Tom van der Woerdt Fixes #4043 Closes #4160
2019-07-10headers: Remove no longer exported functionsDaniel Gustafsson
There were a leftover few prototypes of Curl_ functions that we used to export but no longer do, this removes those prototypes and cleans up any comments still referring to them. Curl_write32_le(), Curl_strcpy_url(), Curl_strlen_url(), Curl_up_free() Curl_concat_url(), Curl_detach_connnection(), Curl_http_setup_conn() were made static in 05b100aee247bb9bec8e9a1b0166496aa4248d1c. Curl_http_perhapsrewind() made static in 574aecee208f79d391f10d57520b3. For the remainder, I didn't trawl the Git logs hard enough to capture their exact time of deletion, but they were all gone: Curl_splayprint(), Curl_http2_send_request(), Curl_global_host_cache_dtor(), Curl_scan_cache_used(), Curl_hostcache_destroy(), Curl_second_connect(), Curl_http_auth_stage() and Curl_close_connections(). Closes #4096 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-06-24http2: call done_sending on end of uploadDaniel Stenberg
To make sure a HTTP/2 stream registers the end of stream. Bug #4043 made me find this problem but this fix doesn't correct the reported issue. Closes #4068
2019-06-21http2: don't call stream-close on already closed streamsDaniel Stenberg
Closes #4055
2019-06-11http2: remove CURL_DISABLE_TYPECHECK defineDaniel Stenberg
... in http2-less builds as it served no use.
2019-05-30http2: Stop drain from being permanently set onJosie Huddleston
Various functions called within Curl_http2_done() can have the side-effect of setting the Easy connection into drain mode (by calling drain_this()). However, the last time we unset this for a transfer (by calling drained_transfer()) is at the beginning of Curl_http2_done(). If the Curl_easy is reused for another transfer, it is then stuck in drain mode permanently, which in practice makes it unable to write any data in the new transfer. This fix moves the last call to drained_transfer() to later in Curl_http2_done(), after the functions that could potentially call for a drain. Fixes #3966 Closes #3967 Reported-by: Josie-H
2019-05-16cleanup: remove FIXME and TODO commentsDaniel Stenberg
They serve very little purpose and mostly just add noise. Most of them have been around for a very long time. I read them all before removing or rephrasing them. Ref: #3876 Closes #3883
2019-04-06pipelining: removedDaniel Stenberg
As previously planned and documented in DEPRECATE.md, all pipelining code is removed. Closes #3651
2019-04-03documentation: Fix several typosTim Rühsen
Closes #3724 Reviewed-by: Jakub Zakrzewski Reviewed-by: Daniel Gustafsson
2019-02-20http2: verify :athority in push promise requestsDaniel Stenberg
RFC 7540 says we should verify that the push is for an "authoritative" server. We make sure of this by only allowing push with an :athority header that matches the host that was asked for in the URL. Fixes #3577 Reported-by: Nicolas Grekas Bug: https://curl.haxx.se/mail/lib-2019-02/0057.html Closes #3581
2019-02-12http2: multi_connchanged() moved from multi.c, only used for h2Daniel Stenberg
Closes #3557
2019-02-10cleanup: make local functions staticDaniel Stenberg
urlapi: turn three local-only functions into statics conncache: make conncache_find_first_connection static multi: make detach_connnection static connect: make getaddressinfo static curl_ntlm_core: make hmac_md5 static http2: make two functions static http: make http_setup_conn static connect: make tcpnodelay static tests: make UNITTEST a thing to mark functions with, so they can be static for normal builds and non-static for unit test builds ... and mark Curl_shuffle_addr accordingly. url: make up_free static setopt: make vsetopt static curl_endian: make write32_le static rtsp: make rtsp_connisdead static warnless: remove unused functions memdebug: remove one unused function, made another static
2019-01-11urldata: rename easy_conn to just connDaniel Stenberg
We use "conn" everywhere to be a pointer to the connection. Introduces two functions that "attaches" and "detaches" the connection to and from the transfer. Going forward, we should favour using "data->conn" (since a transfer always only has a single connection or none at all) to "conn->data" (since a connection can have none, one or many transfers associated with it and updating conn->data to be correct is error prone and a frequent reason for internal issues). Closes #3442
2018-12-20http2: clear pause stream id if it gets closedDaniel Stenberg
Reported-by: Florian Pritz Fixes #3392 Closes #3399
2018-12-08Upon HTTP_1_1_REQUIRED, retry the request with HTTP/1.1Johannes Schindelin
This is a companion patch to cbea2fd2c (NTLM: force the connection to HTTP/1.1, 2018-12-06): with NTLM, we can switch to HTTP/1.1 preemptively. However, with other (Negotiate) authentication it is not clear to this developer whether there is a way to make it work with HTTP/2, so let's try HTTP/2 first and fall back in case we encounter the error HTTP_1_1_REQUIRED. Note: we will still keep the NTLM workaround, as it avoids an extra round trip. Daniel Stenberg helped a lot with this patch, in particular by suggesting to introduce the Curl_h2_http_1_1_error() function. Closes #3349 Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2018-11-23snprintf: renamed and we now only use msnprintf()Daniel Stenberg
The function does not return the same value as snprintf() normally does, so readers may be mislead into thinking the code works differently than it actually does. A different function name makes this easier to detect. Reported-by: Tomas Hoger Assisted-by: Daniel Gustafsson Fixes #3296 Closes #3297
2018-10-18travis: add build for "configure --disable-verbose"Daniel Stenberg
Closes #3144
2018-10-03memory: ensure to check allocation resultsDaniel Gustafsson
The result of a memory allocation should always be checked, as we may run under memory pressure where even a small allocation can fail. This adds checking and error handling to a few cases where the allocation wasn't checked for success. In the ftp case, the freeing of the path variable is moved ahead of the allocation since there is little point in keeping it around across the strdup, and the separation makes for more readable code. In nwlib, the lock is aslo freed in the error path. Also bumps the copyright years on affected files. Closes #3084 Reviewed-by: Jay Satiro <raysatiro@yahoo.com> Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-09-25Curl_http2_done: fix memleak in error pathDaniel Stenberg
Free 'header_recvbuf' unconditionally even if 'h2' isn't (yet) set, for early failures. Detected by OSS-Fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10669 Closes #3046
2018-09-16http: made Curl_add_buffer functions take a pointer-pointerDaniel Stenberg
... so that they can clear the original pointer on failure, which makes the error-paths and their cleanups easier. Closes #2992
2018-09-16http2: fix memory leaks on error-pathDaniel Stenberg
2018-09-10misc: fix typos in commentsDaniel Gustafsson
Closes #2963
2018-09-07upkeep: add a connection upkeep API: curl_easy_conn_upkeep()Max Dymond
Add functionality so that protocols can do custom keepalive on their connections, when an external API function is called. Add docs for the new options in 7.62.0 Closes #1641
2018-09-02http2: Use correct format identifier for stream_idRikard Falkeborn
Closes #2928
2018-08-22http2: abort the send_callback if not setup yetDaniel Stenberg
When Curl_http2_done() gets called before the http2 data is setup all the way, we cannot send anything and this should just return an error. Detected by OSS-Fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10012
2018-08-21http2: remove four unused nghttp2 callbacksDaniel Stenberg
Closes #2903
2018-08-21http2: avoid set_stream_user_data() before stream is assignedDaniel Stenberg
... before the stream is started, we have it set to -1. Fixes #2894 Closes #2898
2018-08-17http2: make sure to send after RST_STREAMDaniel Stenberg
If this is the last stream on this connection, the RST_STREAM might not get pushed to the wire otherwise. Fixes #2882 Closes #2887 Researched-by: Michael Kaufmann
2018-08-15http2: check nghttp2_session_set_stream_user_data return codeDaniel Stenberg
Might help bug #2688 debugging Closes #2880