Age | Commit message (Collapse) | Author |
|
|
|
This commit fixes a regression introduced in
fddb7b44a79d78e05043e1c97e069308b6b85f79.
Reported by: Markus Moeller
Bug: http://curl.haxx.se/mail/archive-2013-06/0052.html
|
|
RFC3986 details how a path part passed in as part of a URI should be
"cleaned" from dot sequences before getting used. The described
algorithm is now implemented in lib/dotdot.c with the accompanied test
case in test 1395.
Bug: http://curl.haxx.se/bug/view.cgi?id=1200
Reported-by: Alex Vinnik
|
|
When performing COOKIELIST operations the cookie lock needs to be taken
for the cases where the cookies are shared among multiple handles!
Verified by Benjamin Gilbert's updated test 506
Bug: http://curl.haxx.se/bug/view.cgi?id=1215
Reported-by: Benjamin Gilbert
|
|
|
|
... in order to prevent an artificial timeout event based on stale
speed-check data from a previous network transfer. This commit fixes
a regression caused by 9dd85bced56f6951107f69e581c872c1e7e3e58e.
Bug: https://bugzilla.redhat.com/906031
|
|
|
|
Commit 11332577b3cb removed the length check that was performed by the
old scanf() code.
|
|
Fixed an issue in parse_proxy(), introduced in commit 11332577b3cb,
where an empty username or password (For example: http://:@example.com)
would cause a crash.
|
|
|
|
Updated the naming convention of the login parameters to match those of
other functions.
|
|
Tidy up of variable names and comments in setstropt_userpwd() and
parse_login_details().
|
|
There is no need to perform separate clearing of data if a NULL option
pointer is passed in. Instead this operation can be performed by simply
not calling parse_login_details() and letting the rest of the code do
the work.
|
|
|
|
setstropt_userpwd() was calling setstropt() in commit fddb7b44a79d to
set each of the login details which would duplicate the strings and
subsequently cause a memory leak.
|
|
|
|
In addition to parsing the optional login options from the URL, added
support for parsing them from CURLOPT_USERPWD, to allow the following
supported command line:
--user username:password;options
|
|
Added bounds checking when searching for the separator characters within
the login string as this string may not be NULL terminated (For example
it is the login part of a URL). We do this in preference to allocating a
new string to copy the login details into which could then be passed to
parse_login_details() for performance reasons.
|
|
|
|
|
|
|
|
|
|
signed and unsigned type in conditional expression
|
|
Separated the parsing of login details from the processing of them in
parse_url_login() ready for use by setstropt_userpwd().
|
|
Re-factored these functions to reflect their new behaviour following the
addition of login options.
|
|
|
|
As well as parsing the username and password from the URL, added support
for parsing the optional options part from the login details, to allow
the following supported URL format:
schema://username:password;options@example.com/path?q=foobar
This will only be used by IMAP, POP3 and SMTP at present but any
protocol that may be given login options in the URL will be able to
add support for them.
|
|
Previously it only compared credentials if the requested needle
connection wasn't using a proxy. This caused NTLM authentication
failures when using proxies as the authentication code wasn't send on
the connection where the challenge arrived.
Added test 1215 to verify: NTLM server authentication through a proxy
(This is a modified copy of test 67)
|
|
At some point recently we lost the default value for the easy handle's
connection cache, and this change puts it back to 5 - which is the
former default value and it is documented in the curl_easy_setopt.3 man
page.
|
|
|
|
curl has been accepting URLs using slightly wrong syntax for a long
time, such as when completely missing as slash "http://example.org" or
missing a slash when a query part is given
"http://example.org?q=foobar".
curl would translate these into a legitimate HTTP request to servers,
although as was shown in bug #1206 it was not adjusted properly in the
cases where a HTTP proxy was used.
Test 1213 and 1214 were added to the test suite to verify this fix.
The test HTTP server was adjusted to allow us to specify test number in
the host name only without using any slashes in a given URL.
Bug: http://curl.haxx.se/bug/view.cgi?id=1206
Reported by: ScottJi
|
|
Introducing a number of options to the multi interface that
allows for multiple pipelines to the same host, in order to
optimize the balance between the penalty for opening new
connections and the potential pipelining latency.
Two new options for limiting the number of connections:
CURLMOPT_MAX_HOST_CONNECTIONS - Limits the number of running connections
to the same host. When adding a handle that exceeds this limit,
that handle will be put in a pending state until another handle is
finished, so we can reuse the connection.
CURLMOPT_MAX_TOTAL_CONNECTIONS - Limits the number of connections in total.
When adding a handle that exceeds this limit,
that handle will be put in a pending state until another handle is
finished. The free connection will then be reused, if possible, or
closed if the pending handle can't reuse it.
Several new options for pipelining:
CURLMOPT_MAX_PIPELINE_LENGTH - Limits the pipeling length. If a
pipeline is "full" when a connection is to be reused, a new connection
will be opened if the CURLMOPT_MAX_xxx_CONNECTIONS limits allow it.
If not, the handle will be put in a pending state until a connection is
ready (either free or a pipe got shorter).
CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE - A pipelined connection will not
be reused if it is currently processing a transfer with a content
length that is larger than this.
CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE - A pipelined connection will not
be reused if it is currently processing a chunk larger than this.
CURLMOPT_PIPELINING_SITE_BL - A blacklist of hosts that don't allow
pipelining.
CURLMOPT_PIPELINING_SERVER_BL - A blacklist of server types that don't allow
pipelining.
See the curl_multi_setopt() man page for details.
|
|
Always interprets the pointer passed with the CURLOPT_WRITEDATA or
CURLOPT_READDATA options of curl_easy_setopt() as a void pointer in
order to avoid problems in environments where FILE and void pointers
have non-trivial conversion.
|
|
Test 1212 added to verify
Bug: http://curl.haxx.se/bug/view.cgi?id=1190
|
|
This bug report properly identified that when doing SMTP and aborting
the transfer with a callback, it must be considered aborted prematurely
by the code to avoid QUIT etc to be attempted as that would cause a
hang.
The new test case 1507 verifies this behavior.
Reported by: Patricia Muscalu
Bug: http://curl.haxx.se/bug/view.cgi?id=1184
|
|
When a connection is no longer used, it is kept in the cache. If the
cache is full, the oldest idle connection is closed. If no connection is
idle, the current one is closed instead.
|
|
Remove internal separated behavior of the easy vs multi intercace.
curl_easy_perform() is now using the multi interface itself.
Several minor multi interface quirks and bugs have been fixed in the
process.
Much help with debugging this has been provided by: Yang Tse
|
|
Fixes initial proxy response being processed by the tunneled protocol
handler instead of the HTTP wrapper handler. This issue would trigger
upon delayed CONNECT response from the proxy.
Additionally fixes a multi interface code-path in which connections
would not time out properly.
This does not fix known bug #39.
URL: http://curl.haxx.se/mail/lib-2013-01/0191.html
|
|
This commit renames lib/setup.h to lib/curl_setup.h and
renames lib/setup_once.h to lib/curl_setup_once.h.
Removes the need and usage of a header inclusion guard foreign
to libcurl. [1]
Removes the need and presence of an alarming notice we carried
in old setup_once.h [2]
----------------------------------------
1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard
up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H,
this single inclusion guard is enough to ensure that inclusion of
lib/setup_once.h done from lib/setup.h is only done once.
Additionally lib/setup.h has always used __SETUP_ONCE_H macro to
protect inclusion of setup_once.h even after commit ec691ca3, this
was to avoid a circular header inclusion triggered when building a
c-ares enabled version with c-ares sources available which also has
a setup_once.h header. Commit ec691ca3 exposes the real nature of
__SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard
foreign to libcurl belonging to c-ares's setup_once.h
The renaming this commit does, fixes the circular header inclusion,
and as such removes the need and usage of a header inclusion guard
foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl.
2 - Due to the circular interdependency of old lib/setup_once.h and the
c-ares setup_once.h header, old file lib/setup_once.h has carried
back from 2006 up to now days an alarming and prominent notice about
the need of keeping libcurl's and c-ares's setup_once.h in sync.
Given that this commit fixes the circular interdependency, the need
and presence of mentioned notice is removed.
All mentioned interdependencies come back from now old days when
the c-ares project lived inside a curl subdirectory. This commit
removes last traces of such fact.
|
|
This reverts renaming and usage of lib/*.h header files done
28-12-2012, reverting 2 commits:
f871de0... build: make use of 76 lib/*.h renamed files
ffd8e12... build: rename 76 lib/*.h files
This also reverts removal of redundant include guard (redundant thanks
to changes in above commits) done 2-12-2013, reverting 1 commit:
c087374... curl_setup.h: remove redundant include guard
This also reverts renaming and usage of lib/*.c source files done
3-12-2013, reverting 3 commits:
13606bb... build: make use of 93 lib/*.c renamed files
5b6e792... build: rename 93 lib/*.c files
7d83dff... build: commit 13606bbfde follow-up 1
Start of related discussion thread:
http://curl.haxx.se/mail/lib-2013-01/0012.html
Asking for confirmation on pushing this revertion commit:
http://curl.haxx.se/mail/lib-2013-01/0048.html
Confirmation summary:
http://curl.haxx.se/mail/lib-2013-01/0079.html
NOTICE: The list of 2 files that have been modified by other
intermixed commits, while renamed, and also by at least one
of the 6 commits this one reverts follows below. These 2 files
will exhibit a hole in history unless git's '--follow' option
is used when viewing logs.
lib/curl_imap.h
lib/curl_smtp.h
|
|
93 lib/*.c source files renamed to use our standard naming scheme.
This commit only does the file renaming.
----------------------------------------
renamed: lib/amigaos.c -> lib/curl_amigaos.c
renamed: lib/asyn-ares.c -> lib/curl_asyn_ares.c
renamed: lib/asyn-thread.c -> lib/curl_asyn_thread.c
renamed: lib/axtls.c -> lib/curl_axtls.c
renamed: lib/base64.c -> lib/curl_base64.c
renamed: lib/bundles.c -> lib/curl_bundles.c
renamed: lib/conncache.c -> lib/curl_conncache.c
renamed: lib/connect.c -> lib/curl_connect.c
renamed: lib/content_encoding.c -> lib/curl_content_encoding.c
renamed: lib/cookie.c -> lib/curl_cookie.c
renamed: lib/cyassl.c -> lib/curl_cyassl.c
renamed: lib/dict.c -> lib/curl_dict.c
renamed: lib/easy.c -> lib/curl_easy.c
renamed: lib/escape.c -> lib/curl_escape.c
renamed: lib/file.c -> lib/curl_file.c
renamed: lib/fileinfo.c -> lib/curl_fileinfo.c
renamed: lib/formdata.c -> lib/curl_formdata.c
renamed: lib/ftp.c -> lib/curl_ftp.c
renamed: lib/ftplistparser.c -> lib/curl_ftplistparser.c
renamed: lib/getenv.c -> lib/curl_getenv.c
renamed: lib/getinfo.c -> lib/curl_getinfo.c
renamed: lib/gopher.c -> lib/curl_gopher.c
renamed: lib/gtls.c -> lib/curl_gtls.c
renamed: lib/hash.c -> lib/curl_hash.c
renamed: lib/hmac.c -> lib/curl_hmac.c
renamed: lib/hostasyn.c -> lib/curl_hostasyn.c
renamed: lib/hostcheck.c -> lib/curl_hostcheck.c
renamed: lib/hostip.c -> lib/curl_hostip.c
renamed: lib/hostip4.c -> lib/curl_hostip4.c
renamed: lib/hostip6.c -> lib/curl_hostip6.c
renamed: lib/hostsyn.c -> lib/curl_hostsyn.c
renamed: lib/http.c -> lib/curl_http.c
renamed: lib/http_chunks.c -> lib/curl_http_chunks.c
renamed: lib/http_digest.c -> lib/curl_http_digest.c
renamed: lib/http_negotiate.c -> lib/curl_http_negotiate.c
renamed: lib/http_negotiate_sspi.c -> lib/curl_http_negotiate_sspi.c
renamed: lib/http_proxy.c -> lib/curl_http_proxy.c
renamed: lib/idn_win32.c -> lib/curl_idn_win32.c
renamed: lib/if2ip.c -> lib/curl_if2ip.c
renamed: lib/imap.c -> lib/curl_imap.c
renamed: lib/inet_ntop.c -> lib/curl_inet_ntop.c
renamed: lib/inet_pton.c -> lib/curl_inet_pton.c
renamed: lib/krb4.c -> lib/curl_krb4.c
renamed: lib/krb5.c -> lib/curl_krb5.c
renamed: lib/ldap.c -> lib/curl_ldap.c
renamed: lib/llist.c -> lib/curl_llist.c
renamed: lib/md4.c -> lib/curl_md4.c
renamed: lib/md5.c -> lib/curl_md5.c
renamed: lib/memdebug.c -> lib/curl_memdebug.c
renamed: lib/mprintf.c -> lib/curl_mprintf.c
renamed: lib/multi.c -> lib/curl_multi.c
renamed: lib/netrc.c -> lib/curl_netrc.c
renamed: lib/non-ascii.c -> lib/curl_non_ascii.c
renamed: lib/curl_non-ascii.h -> lib/curl_non_ascii.h
renamed: lib/nonblock.c -> lib/curl_nonblock.c
renamed: lib/nss.c -> lib/curl_nss.c
renamed: lib/nwlib.c -> lib/curl_nwlib.c
renamed: lib/nwos.c -> lib/curl_nwos.c
renamed: lib/openldap.c -> lib/curl_openldap.c
renamed: lib/parsedate.c -> lib/curl_parsedate.c
renamed: lib/pingpong.c -> lib/curl_pingpong.c
renamed: lib/polarssl.c -> lib/curl_polarssl.c
renamed: lib/pop3.c -> lib/curl_pop3.c
renamed: lib/progress.c -> lib/curl_progress.c
renamed: lib/qssl.c -> lib/curl_qssl.c
renamed: lib/rawstr.c -> lib/curl_rawstr.c
renamed: lib/rtsp.c -> lib/curl_rtsp.c
renamed: lib/security.c -> lib/curl_security.c
renamed: lib/select.c -> lib/curl_select.c
renamed: lib/sendf.c -> lib/curl_sendf.c
renamed: lib/share.c -> lib/curl_share.c
renamed: lib/slist.c -> lib/curl_slist.c
renamed: lib/smtp.c -> lib/curl_smtp.c
renamed: lib/socks.c -> lib/curl_socks.c
renamed: lib/socks_gssapi.c -> lib/curl_socks_gssapi.c
renamed: lib/socks_sspi.c -> lib/curl_socks_sspi.c
renamed: lib/speedcheck.c -> lib/curl_speedcheck.c
renamed: lib/splay.c -> lib/curl_splay.c
renamed: lib/ssh.c -> lib/curl_ssh.c
renamed: lib/sslgen.c -> lib/curl_sslgen.c
renamed: lib/ssluse.c -> lib/curl_ssluse.c
renamed: lib/strdup.c -> lib/curl_strdup.c
renamed: lib/strequal.c -> lib/curl_strequal.c
renamed: lib/strerror.c -> lib/curl_strerror.c
renamed: lib/strtok.c -> lib/curl_strtok.c
renamed: lib/strtoofft.c -> lib/curl_strtoofft.c
renamed: lib/telnet.c -> lib/curl_telnet.c
renamed: lib/tftp.c -> lib/curl_tftp.c
renamed: lib/timeval.c -> lib/curl_timeval.c
renamed: lib/transfer.c -> lib/curl_transfer.c
renamed: lib/url.c -> lib/curl_url.c
renamed: lib/version.c -> lib/curl_version.c
renamed: lib/warnless.c -> lib/curl_warnless.c
renamed: lib/wildcard.c -> lib/curl_wildcard.c
----------------------------------------
|
|
93 *.c source files renamed to use our standard naming scheme.
This change affects 77 files in libcurl's source tree.
|
|
76 private header files renamed to use our standard naming scheme.
This change affects 322 files in libcurl's source tree.
|
|
|
|
Inclusion of top two most included header files now done in setup_once.h
|
|
A bundle is a list of all persistent connections to the same host.
The connection cache consists of a hash of bundles, with the
hostname as the key.
The benefits may not be obvious, but they are two:
1) Faster search for connections to reuse, since the hash
lookup only finds connections to the host in question.
2) It lays out the groundworks for an upcoming patch,
which will introduce multiple HTTP pipelines.
This patch also removes the awkward list of "closure handles",
which were needed to send QUIT commands to the FTP server
when closing a connection.
Now we allocate a separate closure handle and use that
one to close all connections.
This has been tested in a live system for a few weeks, and of
course passes the test suite.
|
|
|
|
The existing logic only cut off the fragment from the separate 'path'
buffer which is used when sending HTTP to hosts. The buffer that held
the full URL used for proxies were not dealt with. It is now.
Test case 5 was updated to use a fragment on a URL over a proxy.
Bug: http://curl.haxx.se/bug/view.cgi?id=3579813
|
|
After a research team wrote a document[1] that found several live source
codes out there in the wild that misused the CURLOPT_SSL_VERIFYHOST
option thinking it was a boolean, this change now bans 1 as a value and
will make libcurl return error for it.
1 was never a sensible value to use in production but was introduced
back in the days to help debugging. It was always documented clearly
this way.
1 was never supported by all SSL backends in libcurl, so this cleanup
makes the treatment of it unified.
The report's list of mistakes for this option were all PHP code and
while there's a binding layer between libcurl and PHP, the PHP team has
decided that they have an as thin layer as possible on top of libcurl so
they will not alter or specifically filter a 'TRUE' value for this
particular option. I sympathize with that position.
[1] = http://daniel.haxx.se/blog/2012/10/25/libcurl-claimed-to-be-dangerous/
|
|
When given a string as 'srp' it didn't work, but required 'SRP'.
Starting now, the check disregards casing.
Bug: http://curl.haxx.se/bug/view.cgi?id=3578418
Reported by: Jeff Connelly
|