aboutsummaryrefslogtreecommitdiff
path: root/lib/http2.c
AgeCommit message (Collapse)Author
2018-01-11http2: fix incorrect trailer buffer sizeZhouyihai Ding
Prior to this change the stored byte count of each trailer was miscalculated and 1 less than required. It appears any trailer after the first that was passed to Curl_client_write would be truncated or corrupted as well as the size. Potentially the size of some subsequent trailer could be erroneously extracted from the contents of that trailer, and since that size is used by client write an out-of-bounds read could occur and cause a crash or be otherwise processed by client write. The bug appears to have been born in 0761a51 (precedes 7.49.0). Closes https://github.com/curl/curl/pull/2231
2017-11-21http2: fix "Value stored to 'end' is never read" scan-build errorDaniel Stenberg
2017-11-21http2: fix "Value stored to 'hdbuf' is never read" scan-build errorDaniel Stenberg
2017-11-01http2: Fixed OOM handling in upgrade requestDan Fandrich
This caused the torture tests on test 1800 to fail.
2017-11-01include: remove conncache.h inclusion from where its not neededDaniel Stenberg
2017-09-11code style: use spaces around plusesDaniel Stenberg
2017-09-11code style: use spaces around equals signsDaniel Stenberg
2017-09-02mime: new MIME API.Patrick Monnerat
Available in HTTP, SMTP and IMAP. Deprecates the FORM API. See CURLOPT_MIMEPOST. Lib code and associated documentation.
2017-08-18http2_recv: return error better on fatal h2 errorsDaniel Stenberg
Ref #1012 Figured-out-by: Tatsuhiro Tsujikawa
2017-06-30http2: handle PING framesMax Dymond
Add a connection check function to HTTP2 based off RTSP. This causes PINGs to be handled the next time the connection is reused. Closes #1521
2017-06-30handler: refactor connection checkingMax Dymond
Add a new type of callback to Curl_handler which performs checks on the connection. Alter RTSP so that it uses this callback to do its own check on connection health.
2017-06-18http2: fix OOM crashDaniel Stenberg
torture mode with test 1021 found it
2017-06-05test1521: test *all* curl_easy_setopt optionsDaniel Stenberg
mk-lib1521.pl generates a test program (lib1521.c) that calls curl_easy_setopt() for every known option with a few typical values to make sure they work (ignoring the return codes). Some small changes were necessary to avoid asserts and NULL accesses when doing this. The perl script needs to be manually rerun when we add new options. Closes #1543
2017-05-22assert: avoid, use DEBUGASSERT instead!Daniel Stenberg
... as it does extra checks to actually work. Reported-by: jonrumsey at github Fixes #1504
2017-05-10multi: use a fixed array of timers instead of mallocDaniel Stenberg
... since the total amount is low this is faster, easier and reduces memory overhead. Also, Curl_expire_done() can now mark an expire timeout as done so that it never times out. Closes #1472
2017-05-10multi: assign IDs to all timers and make each timer singletonDaniel Stenberg
A) reduces the timeout lists drastically B) prevents a lot of superfluous loops for timers that expires "in vain" when it has actually already been extended to fire later on
2017-05-01http2: use the correct set buffer sizeDaniel Stenberg
2017-04-30http2: declare TU-local variables staticMarcel Raad
This fixes the following clang warnings: http2.c:184:27: error: no previous extern declaration for non-static variable 'Curl_handler_http2' [-Werror,-Wmissing-variable-declarations] http2.c:204:27: error: no previous extern declaration for non-static variable 'Curl_handler_http2_ssl' [-Werror,-Wmissing-variable-declarations]
2017-04-15http2: fix handle leak in error pathLarry Stefani
Add missing newhandle free call in push_promise(). Closes #1416
2017-03-30http2: silence unused parameter warningsMarcel Raad
In release mode, MinGW complains: error: unused parameter 'lib_error_code' [-Werror=unused-parameter]
2017-02-13http2: fix memory-leak when denying push streamsDaniel Stenberg
Reported-by: zelinchen@users.noreply.github.com Fixes #1229
2017-02-07http2: reset push header counter fixes crashDaniel Stenberg
When removing an easy handler from a multi before it completed its transfer, and it had pushed streams, it would segfault due to the pushed counted not being cleared. Fixed-by: zelinchen@users.noreply.github.com Fixes #1249
2017-01-15http2: disable server push if not requestedAlessandro Ghedini
Ref: https://github.com/curl/curl/pull/1160
2017-01-11http2_send: avoid unsigned integer wrap aroundDaniel Stenberg
... when checking for a too large request.
2016-11-28http2: check nghttp2_session_set_local_window_size existsJay Satiro
The function only exists since nghttp2 1.12.0. Bug: https://github.com/curl/curl/commit/a4d8888#commitcomment-19985676 Reported-by: Michael Kaufmann
2016-11-28http2: Fix crashes when parent stream gets abortedAnders Bakken
Closes #1125
2016-11-24checksrc: move open braces to comply with function declaration styleDaniel Stenberg
2016-11-24checksrc: white space edits to comply to stricter checksrcDaniel Stenberg
2016-11-16http2: Use huge HTTP/2 windowsJay Satiro
- Improve performance by using a huge HTTP/2 window size. Bug: https://github.com/curl/curl/issues/1102 Reported-by: afrind@users.noreply.github.com Assisted-by: Tatsuhiro Tsujikawa
2016-11-16http2: Fix address sanitizer memcpy warningJay Satiro
- In Curl_http2_switched don't call memcpy when src is NULL. Curl_http2_switched can be called like: Curl_http2_switched(conn, NULL, 0); .. and prior to this change memcpy was then called like: memcpy(dest, NULL, 0) .. causing address sanitizer to warn: http2.c:2057:3: runtime error: null pointer passed as argument 2, which is declared to never be null
2016-11-11realloc: use Curl_saferealloc to avoid common mistakesDaniel Stenberg
Discussed: https://curl.haxx.se/mail/lib-2016-11/0087.html
2016-11-07http2: Don't send header fields prohibited by HTTP/2 specTatsuhiro Tsujikawa
Previously, we just ignored "Connection" header field. But HTTP/2 specification actually prohibits few more header fields. This commit ignores all of them so that we don't send these bad header fields. Bug: https://curl.haxx.se/mail/archive-2016-10/0033.html Reported-by: Ricki Hirner Closes https://github.com/curl/curl/pull/1092
2016-10-31strcasecompare: all case insensitive string compares ignore locale nowDaniel Stenberg
We had some confusions on when each function was used. We should not act differently on different locales anyway.
2016-09-16http2: debug ouput sent HTTP/2 request headersDaniel Stenberg
2016-09-09http2: support > 64bit sized uploadsDaniel Stenberg
... by making sure we don't count down the "upload left" counter when the uploaded size is unknown and then it can be allowed to continue forever. Fixes #996
2016-09-05http2: return EOF when done uploading without known sizeDaniel Stenberg
Fixes #982
2016-09-05http2: skip the content-length parsing, detect unknown sizeDaniel Stenberg
2016-09-05http2: minor white space editDaniel Stenberg
2016-09-05http2: use named define instead of magic constant in read callbackDaniel Stenberg
2016-08-28http2: return CURLE_HTTP2_STREAM for unexpected stream closeDaniel Stenberg
Follow-up to c3e906e9cd0f, seems like a more appropriate error code Suggested-by: Jay Satiro
2016-08-28http2: handle closed streams when uploadingTatsuhiro Tsujikawa
Fixes #986
2016-08-28http2: make sure stream errors don't needlessly close the connectionDaniel Stenberg
With HTTP/2 each transfer is made in an indivial logical stream over the connection, making most previous errors that caused the connection to get forced-closed now instead just kill the stream and not the connection. Fixes #941
2016-08-25http2: Remove incorrect commentsJay Satiro
.. also remove same from scp
2016-08-05http2: always wait for readable socketDaniel Stenberg
Since the server can at any time send a HTTP/2 frame to us, we need to wait for the socket to be readable during all transfers so that we can act on incoming frames even when uploading etc. Reminded-by: Tatsuhiro Tsujikawa
2016-08-05CURLOPT_TCP_NODELAY: now enabled by defaultDaniel Stenberg
After a few wasted hours hunting down the reason for slowness during a TLS handshake that turned out to be because of TCP_NODELAY not being set, I think we have enough motivation to toggle the default for this option. We now enable TCP_NODELAY by default and allow applications to switch it off. This also makes --tcp-nodelay unnecessary, but --no-tcp-nodelay can be used to disable it. Thanks-to: Tim Rühsen Bug: https://curl.haxx.se/mail/lib-2016-06/0143.html
2016-08-04multi: make Curl_expire() work with 0 ms timeoutsDaniel Stenberg
Previously, passing a timeout of zero to Curl_expire() was a magic code for clearing all timeouts for the handle. That is now instead made with the new Curl_expire_clear() function and thus a 0 timeout is fine to set and will trigger a timeout ASAP. This will help removing short delays, in particular notable when doing HTTP/2.
2016-06-22typedefs: use the full structs in internal code...Daniel Stenberg
... and save the typedef'ed names for headers and external APIs.
2016-06-22internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg
2016-05-19http2: use HTTP/2 in the HTTP/1.1-alike headerDaniel Stenberg
... when generating them, not "2.0" as the protocol is called just HTTP/2 and nothing else.
2016-05-12http2: Add space between colon and header valueCory Benfield
curl's representation of HTTP/2 responses involves transforming the response to a format that is similar to HTTP/1.1. Prior to this change, curl would do this by separating header names and values with only a colon, without introducing a space after the colon. While this is technically a valid way to represent a HTTP/1.1 header block, it is much more common to see a space following the colon. This change introduces that space, to ensure that incautious tools are safely able to parse the header block. This also ensures that the difference between the HTTP/1.1 and HTTP/2 response layout is as minimal as possible. Bug: https://github.com/curl/curl/issues/797 Closes #798 Fixes #797