From 7b1a22147e97e06316ca8707d6177fa9187d7550 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 13 Dec 2007 10:00:06 +0000 Subject: David Wright filed bug report #1849764 (http://curl.haxx.se/bug/view.cgi?id=1849764) with an included fix. He identified a problem for re-used connections that previously had sent Expect: 100-continue and in some situations the subsequent POST (that didn't use Expect:) still had the internal flag set for its use. David's fix (that makes the setting of the flag in every single request unconditionally) is fine and is now used! --- CHANGES | 9 +++++++++ RELEASE-NOTES | 3 ++- lib/http.c | 22 ++++++++++++---------- 3 files changed, 23 insertions(+), 11 deletions(-) diff --git a/CHANGES b/CHANGES index 6ce94b139..7921bcb5c 100644 --- a/CHANGES +++ b/CHANGES @@ -7,6 +7,15 @@ Changelog +Daniel S (13 Dec 2007) +- David Wright filed bug report #1849764 + (http://curl.haxx.se/bug/view.cgi?id=1849764) with an included fix. He + identified a problem for re-used connections that previously had sent + Expect: 100-continue and in some situations the subsequent POST (that didn't + use Expect:) still had the internal flag set for its use. David's fix (that + makes the setting of the flag in every single request unconditionally) is + fine and is now used! + Daniel S (12 Dec 2007) - Gilles Blanc made the curl tool enable SO_KEEPALIVE for the connections and added the --no-keep-alive option that can disable that on demand. diff --git a/RELEASE-NOTES b/RELEASE-NOTES index a1f1d7a38..6714b8dcd 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -35,6 +35,7 @@ This release includes the following bugfixes: o no longer default-appends ;type= on FTP URLs thru proxies o SSL session id caching o POST with callback over proxy requiring NTLM or Digest + o Expect: 100-continue flaw on re-used connection with POSTs This release includes the following known bugs: @@ -55,6 +56,6 @@ advice from friends like these: Dan Fandrich, Gisle Vanem, Toby Peterson, Yang Tse, Daniel Black, Robin Johnson, Michal Marek, Ates Goral, Andres Garcia, Rob Crittenden, Emil Romanus, Alessandro Vesely, Ray Pekowski, Spacen Jasset, Andrew Moise, - Gilles Blanc + Gilles Blanc, David Wright Thanks! (and sorry if I forgot to mention someone) diff --git a/lib/http.c b/lib/http.c index 7f3ff35a3..e41a8f750 100644 --- a/lib/http.c +++ b/lib/http.c @@ -2613,17 +2613,19 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) return result; } - if(data->set.postfields) { + /* For really small posts we don't use Expect: headers at all, and for + the somewhat bigger ones we allow the app to disable it. Just make + sure that the expect100header is always set to the preferred value + here. */ + if(postsize > TINY_INITIAL_POST_SIZE) { + result = expect100(data, req_buffer); + if(result) + return result; + } + else + data->state.expect100header = FALSE; - /* for really small posts we don't use Expect: headers at all, and for - the somewhat bigger ones we allow the app to disable it */ - if(postsize > TINY_INITIAL_POST_SIZE) { - result = expect100(data, req_buffer); - if(result) - return result; - } - else - data->state.expect100header = FALSE; + if(data->set.postfields) { if(!data->state.expect100header && (postsize < MAX_INITIAL_POST_SIZE)) { -- cgit v1.2.3