aboutsummaryrefslogtreecommitdiff
path: root/lib/urldata.h
AgeCommit message (Collapse)Author
2019-09-28cookies: using a share with cookies shouldn't enable the cookie engineDaniel Stenberg
The 'share object' only sets the storage area for cookies. The "cookie engine" still needs to be enabled or activated using the normal cookie options. This caused the curl command line tool to accidentally use cookies without having been told to, since curl switched to using shared cookies in 7.66.0. Test 1166 verifies Updated test 506 Fixes #4429 Closes #4434
2019-09-26url: don't set appconnect time for non-ssl/non-ssh connectionsJay Satiro
Prior to this change non-ssl/non-ssh connections that were reused set TIMER_APPCONNECT [1]. Arguably that was incorrect since no SSL/SSH handshake took place. [1]: TIMER_APPCONNECT is publicly known as CURLINFO_APPCONNECT_TIME in libcurl and %{time_appconnect} in the curl tool. It is documented as "the time until the SSL/SSH handshake is completed". Reported-by: Marcel Hernandez Ref: https://github.com/curl/curl/issues/3760 Closes https://github.com/curl/curl/pull/3773
2019-09-21urldata: use 'bool' for the bit type on MSVC compilersDaniel Stenberg
Closes #4387 Fixes #4379
2019-09-19url: only reuse TLS connections with matching pinningDaniel Stenberg
If the requests have different CURLOPT_PINNEDPUBLICKEY strings set, the connection should not be reused. Bug: https://curl.haxx.se/mail/lib-2019-09/0061.html Reported-by: Sebastian Haglund Closes #4347
2019-09-03urldata: avoid 'generic', use dedicated pointersDaniel Stenberg
For the 'proto' union within the connectdata struct. Closes #4290
2019-08-16http: fix use of credentials from URL when using HTTP proxyDaniel Stenberg
When a username and password are provided in the URL, they were wrongly removed from the stored URL so that subsequent uses of the same URL wouldn't find the crendentials. This made doing HTTP auth with multiple connections (like Digest) mishave. Regression from 46e164069d1a5230 (7.62.0) Test case 335 added to verify. Reported-by: Mike Crowe Fixes #4228 Closes #4229
2019-08-14ngtcp2: do QUIC connections happy-eyeballs friendlyDaniel Stenberg
2019-08-08alt-svc: send Alt-Used: in redirected requestsDaniel Stenberg
RFC 7838 section 5: When using an alternative service, clients SHOULD include an Alt-Used header field in all requests. Removed CURLALTSVC_ALTUSED again (feature is still EXPERIMENTAL thus this is deemed ok). You can disable sending this header just like you disable any other HTTP header in libcurl. Closes #4199
2019-08-08CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directlyDaniel Stenberg
Even though it cannot fall-back to a lower HTTP version automatically. The safer way to upgrade remains via CURLOPT_ALTSVC. CURLOPT_H3 no longer has any bits that do anything and might be removed before we remove the experimental label. Updated the curl tool accordingly to use "--http3". Closes #4197
2019-08-07CURLINFO_RETRY_AFTER: parse the Retry-After header valueDaniel Stenberg
This is only the libcurl part that provides the information. There's no user of the parsed value. This change includes three new tests for the parser. Ref: #3794
2019-08-07quiche: make use of the connection timeout API properlyDaniel Stenberg
2019-08-06sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZIDSteve Holme
Added the ability for the calling program to specify the authorisation identity (authzid), the identity to act as, in addition to the authentication identity (authcid) and password when using SASL PLAIN authentication. Fixes #3653 Closes #3790 NOTE: This commit was cherry-picked and is part of a series of commits that added the authzid feature for upcoming 7.66.0. The series was temporarily reverted in db8ec1f so that it would not ship in a 7.65.x patch release. Closes https://github.com/curl/curl/pull/4186
2019-08-01timediff: make it 64 bit (if possible) even with 32 bit time_tDaniel Stenberg
... to make it hold microseconds too. Fixes #4165 Closes #4168
2019-07-30cleanup: remove the 'numsocks' argument used in many placesDaniel Stenberg
It was used (intended) to pass in the size of the 'socks' array that is also passed to these functions, but was rarely actually checked/used and the array is defined to a fixed size of MAX_SOCKSPEREASYHANDLE entries that should be used instead. Closes #4169
2019-07-21HTTP3: initial (experimental) supportDaniel Stenberg
USe configure --with-ngtcp2 or --with-quiche Using either option will enable a HTTP3 build. Co-authored-by: Alessandro Ghedini <alessandro@ghedini.me> Closes #3500
2019-06-10multi: make sure 'data' can present in several sockhash entriesDaniel Stenberg
Since more than one socket can be used by each transfer at a given time, each sockhash entry how has its own hash table with transfers using that socket. In addition, the sockhash entry can now be marked 'blocked = TRUE'" which then makes the delete function just set 'removed = TRUE' instead of removing it "for real", as a way to not rip out the carpet under the feet of a parent function that iterates over the transfers of that same sockhash entry. Reported-by: Tom van der Woerdt Fixes #3961 Fixes #3986 Fixes #3995 Fixes #4004 Closes #3997
2019-06-04ssl: Update outdated "openssl-only" comments for supported backendsFrank Gevaerts
These are for features that used to be openssl-only but were expanded over time to support other SSL backends. Closes #3985
2019-06-02http: don't parse body-related headers bodyless responsesMichael Kaufmann
Responses with status codes 1xx, 204 or 304 don't have a response body. For these, don't parse these headers: - Content-Encoding - Content-Length - Content-Range - Last-Modified - Transfer-Encoding This change ensures that HTTP/2 upgrades work even if a "Content-Length: 0" or a "Transfer-Encoding: chunked" header is present. Co-authored-by: Daniel Stenberg Closes #3702 Fixes #3968 Closes #3977
2019-05-28multi: track users of a socket betterDaniel Stenberg
They need to be removed from the socket hash linked list with more care. When sh_delentry() is called to remove a sockethash entry, remove all individual transfers from the list first. To enable this, each Curl_easy struct now stores a pointer to the sockethash entry to know how to remove itself. Reported-by: Tom van der Woerdt and Kunal Ekawde Fixes #3952 Fixes #3904 Closes #3953
2019-05-25Revert all SASL authzid (new feature) commitsJay Satiro
- Revert all commits related to the SASL authzid feature since the next release will be a patch release, 7.65.1. Prior to this change CURLOPT_SASL_AUTHZID / --sasl-authzid was destined for the next release, assuming it would be a feature release 7.66.0. However instead the next release will be a patch release, 7.65.1 and will not contain any new features. After the patch release after the reverted commits can be restored by using cherry-pick: git cherry-pick a14d72c a9499ff 8c1cc36 c2a8d52 0edf690 Details for all reverted commits: Revert "os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid()." This reverts commit 0edf6907ae37e2020722e6f61229d8ec64095b0a. Revert "tests: Fix the line endings for the SASL alt-auth tests" This reverts commit c2a8d52a1356a722ff9f4aeb983cd4eaf80ef221. Revert "examples: Added SASL PLAIN authorisation identity (authzid) examples" This reverts commit 8c1cc369d0c7163c6dcc91fd38edfea1f509ae75. Revert "curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool" This reverts commit a9499ff136d89987af885e2d7dff0a066a3e5817. Revert "sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID" This reverts commit a14d72ca2fec5d4eb5a043936e4f7ce08015c177.
2019-05-22sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZIDSteve Holme
Added the ability for the calling program to specify the authorisation identity (authzid), the identity to act as, in addition to the authentication identity (authcid) and password when using SASL PLAIN authentication. Fixed #3653 Closes #3790
2019-05-17libcurl: #ifdef away more code for disabled features/protocolsDaniel Stenberg
2019-05-15http_negotiate: Move the Negotiate state out of the negotiatedata structureSteve Holme
Given that this member variable is not used by the SASL based protocols there is no need to have it here. Closes #3882
2019-05-15http_ntlm: Move the NTLM state out of the ntlmdata structureSteve Holme
Given that this member variable is not used by the SASL based protocols there is no need to have it here.
2019-05-15url: Move the negotiate state type into a dedicated enumSteve Holme
2019-05-13wildcard: disable from build when FTP isn't presentDaniel Stenberg
2019-05-13http: CURL_DISABLE_HTTP_AUTHDaniel Stenberg
2019-05-13doh: CURL_DISABLE_DOHDaniel Stenberg
2019-05-06ssh: define USE_SSH if SSH is enabled (any backend)Daniel Stenberg
Closes #3846
2019-05-01process_pending_handles: mark queued transfers as previously pendingDaniel Stenberg
With transfers being queued up, we only move one at a a time back to the CONNECT state but now we mark moved transfers so that when a moved transfer is confirmed "successful" (it connected) it will trigger the move of another pending transfer. Previously, it would otherwise wait until the transfer was done before doing this. This makes queued up pending transfers get processed (much) faster.
2019-04-29CURL_MAX_INPUT_LENGTH: largest acceptable string input sizeDaniel Stenberg
This limits all accepted input strings passed to libcurl to be less than CURL_MAX_INPUT_LENGTH (8000000) bytes, for these API calls: curl_easy_setopt() and curl_url_set(). The 8000000 number is arbitrary picked and is meant to detect mistakes or abuse, not to limit actual practical use cases. By limiting the acceptable string lengths we also reduce the risk of integer overflows all over. NOTE: This does not apply to `CURLOPT_POSTFIELDS`. Test 1559 verifies. Closes #3805
2019-04-21CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuseDaniel Stenberg
... and disconnect too old ones instead of trying to reuse. Default max age is set to 118 seconds. Ref: #3722 Closes #3782
2019-04-11CURLOPT_DNS_USE_GLOBAL_CACHE: removeDaniel Stenberg
Remove the code too. The functionality has been disabled in code since 7.62.0. Setting this option will from now on simply be ignored and have no function. Closes #3654
2019-04-06pipelining: removedDaniel Stenberg
As previously planned and documented in DEPRECATE.md, all pipelining code is removed. Closes #3651
2019-03-27resolve: apply Happy Eyeballs philosophy to parallel c-ares queriesBrad Spencer
Closes #3699
2019-03-14Negotiate: fix for HTTP POST with NegotiateDominik Hölzl
* Adjusted unit tests 2056, 2057 * do not generally close connections with CURLAUTH_NEGOTIATE after every request * moved negotiatedata from UrlState to connectdata * Added stream rewind logic for CURLAUTH_NEGOTIATE * introduced negotiatedata::GSS_AUTHDONE and negotiatedata::GSS_AUTHSUCC * Consider authproblem state for CURLAUTH_NEGOTIATE * Consider reuse_forbid for CURLAUTH_NEGOTIATE * moved and adjusted negotiate authentication state handling from output_auth_headers into Curl_output_negotiate * Curl_output_negotiate: ensure auth done is always set * Curl_output_negotiate: Set auth done also if result code is GSS_S_CONTINUE_NEEDED/SEC_I_CONTINUE_NEEDED as this result code may also indicate the last challenge request (only works with disabled Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1) * Consider "Persistent-Auth" header, detect if not present; Reset/Cleanup negotiate after authentication if no persistent authentication * apply changes introduced with #2546 for negotiate rewind logic Fixes #1261 Closes #1975
2019-03-03alt-svc: the libcurl bitsDaniel Stenberg
2019-03-01urldata: simplify bytecountersDaniel Stenberg
- no need to have them protocol specific - no need to set pointers to them with the Curl_setup_transfer() call - make Curl_setup_transfer() operate on a transfer pointer, not connection - switch some counters from long to the more proper curl_off_t type Closes #3627
2019-02-28Curl_easy: remove req.maxfd - never used!Daniel Stenberg
Introduced in 8b6314ccfb, but not used anymore in current code. Unclear since when. Closes #3626
2019-02-27urldata: convert bools to bitfields and move to endDaniel Stenberg
This allows the compiler to pack and align the structs better in memory. For a rather feature-complete build on x86_64 Linux, gcc 8.1.2 makes the Curl_easy struct 4.9% smaller. From 6312 bytes to 6000. Removed an unused struct field. No functionality changes. Closes #3610
2019-02-26strerror: make the strerror function use local buffersDaniel Stenberg
Instead of using a fixed 256 byte buffer in the connectdata struct. In my build, this reduces the size of the connectdata struct by 11.8%, from 2160 to 1904 bytes with no functionality or performance loss. This also fixes a bug in schannel's Curl_verify_certificate where it called Curl_sspi_strerror when it should have called Curl_strerror for string from GetLastError. the only effect would have been no text or the wrong text being shown for the error. Co-authored-by: Jay Satiro Closes #3612
2019-02-19connection: never reuse CONNECT_ONLY conectionsDaniel Stenberg
and make CONNECT_ONLY conections never reuse any existing ones either. Reported-by: Pavel Löbl Bug: https://curl.haxx.se/mail/lib-2019-02/0064.html Closes #3586
2019-02-14gssapi: fix deprecated header warningsDaniel Stenberg
Heimdal includes on FreeBSD spewed out lots of them. Less so now. Closes #3566
2019-02-12pretransfer: don't strlen() POSTFIELDS set for GET requestsDaniel Stenberg
... since that data won't be used in the request anyway. Fixes #3548 Reported-by: Renaud Allard Close #3549
2019-02-01spnego_sspi: add support for channel bindinggeorgeok
Attempt to add support for Secure Channel binding when negotiate authentication is used. The problem to solve is that by default IIS accepts channel binding and curl doesn't utilise them. The result was a 401 response. Scope affects only the Schannel(winssl)-SSPI combination. Fixes https://github.com/curl/curl/issues/3503 Closes https://github.com/curl/curl/pull/3509
2019-01-19ntlm_sspi: add support for channel bindinggeorgeok
Windows extended potection (aka ssl channel binding) is required to login to ntlm IIS endpoint, otherwise the server returns 401 responses. Fixes #3280 Closes #3321
2019-01-11urldata: rename easy_conn to just connDaniel Stenberg
We use "conn" everywhere to be a pointer to the connection. Introduces two functions that "attaches" and "detaches" the connection to and from the transfer. Going forward, we should favour using "data->conn" (since a transfer always only has a single connection or none at all) to "conn->data" (since a connection can have none, one or many transfers associated with it and updating conn->data to be correct is error prone and a frequent reason for internal issues). Closes #3442
2019-01-10multi: multiplexing improvementsDaniel Stenberg
Fixes #3436 Closes #3448 Problem 1 After LOTS of scratching my head, I eventually realized that even when doing 10 uploads in parallel, sometimes the socket callback to the application that tells it what to wait for on the socket, looked like it would reflect the status of just the single transfer that just changed state. Digging into the code revealed that this was indeed the truth. When multiple transfers are using the same connection, the application did not correctly get the *combined* flags for all transfers which then could make it switch to READ (only) when in fact most transfers wanted to get told when the socket was WRITEABLE. Problem 1b A separate but related regression had also been introduced by me when I cleared connection/transfer association better a while ago, as now the logic couldn't find the connection and see if that was marked as used by more transfers and then it would also prematurely remove the socket from the socket hash table even in times other transfers were still using it! Fix 1 Make sure that each socket stored in the socket hash has a "combined" action field of what to ask the application to wait for, that is potentially the ORed action of multiple parallel transfers. And remove that socket hash entry only if there are no transfers left using it. Problem 2 The socket hash entry stored an association to a single transfer using that socket - and when curl_multi_socket_action() was called to tell libcurl about activities on that specific socket only that transfer was "handled". This was WRONG, as a single socket/connection can be used by numerous parallel transfers and not necessarily a single one. Fix 2 We now store a list of handles in the socket hashtable entry and when libcurl is told there's traffic for a particular socket, it now iterates over all known transfers using that single socket.
2018-12-27hostip: support wildcard hostsClaes Jakobsson
This adds support for wildcard hosts in CURLOPT_RESOLVE. These are try-last so any non-wildcard entry is resolved first. If specified, any host not matched by another CURLOPT_RESOLVE config will use this as fallback. Example send a.com to 10.0.0.1 and everything else to 10.0.0.2: curl --resolve *:443:10.0.0.2 --resolve a.com:443:10.0.0.1 \ https://a.com https://b.com This is probably quite similar to using: --connect-to a.com:443:10.0.0.1:443 --connect-to :443:10.0.0.2:443 Closes #3406 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-21http: added options for allowing HTTP/0.9 responsesDaniel Stenberg
Added CURLOPT_HTTP09_ALLOWED and --http0.9 for this purpose. For now, both the tool and library allow HTTP/0.9 by default. docs/DEPRECATE.md lays out the plan for when to reverse that default: 6 months after the 7.64.0 release. The options are added already now so that applications/scripts can start using them already now. Fixes #2873 Closes #3383