generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'master' into http2-push

Browse Source
This commit is contained in:
Daniel Stenberg 2015-06-24 23:34:51 +02:00
commit f87a3d736f
91 changed files with 1515 additions and 1429 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README
View File

@ -38,7 +38,7 @@ GIT
To download the very latest source off the GIT server do this:
git clone git://github.com/bagder/curl.git
git clone https://github.com/bagder/curl.git
(you'll get a directory named curl created, filled with the source code)

117
RELEASE-NOTES
View File

@ -1,83 +1,19 @@
Curl and libcurl 7.43.0
Curl and libcurl 7.44.0
Public curl releases: 147
Public curl releases: 148
Command line options: 176
curl_easy_setopt() options: 218
curl_easy_setopt() options: 219
Public functions in libcurl: 58
Contributors: 1265
Contributors: 1291
This release includes the following changes:
o Added CURLOPT_PROXY_SERVICE_NAME[11]
o Added CURLOPT_SERVICE_NAME[12]
o New curl option: --proxy-service-name[13]
o Mew curl option: --service-name [14]
o New curl option: --data-raw [5]
o Added CURLOPT_PIPEWAIT [15]
o Added support for multiplexing transfers using HTTP/2, enable this
with the new CURLPIPE_MULTIPLEX bit for CURLMOPT_PIPELINING [16]
o HTTP/2: requires nghttp2 1.0.0 or later
o scripts: add zsh.pl for generating zsh completion
o curl.h: add CURL_HTTP_VERSION_2
o
This release includes the following bugfixes:
o nss: fix compilation failure with old versions of NSS [1]
o curl_easy_getinfo.3: document 'internals' in CURLINFO_TLS_SESSION
o schannel.c: Fix possible SEC_E_BUFFER_TOO_SMALL error
o Curl_ossl_init: load builtin modules [2]
o configure: follow-up fix for krb5-config [3]
o sasl_sspi: Populate domain from the realm in the challenge [4]
o netrc: support 'default' token
o README: convert to UTF-8
o cyassl: Implement public key pinning
o nss: implement public key pinning for NSS backend
o mingw build: add arch -m32/-m64 to LDFLAGS
o schannel: Fix out of bounds array [6]
o configure: remove autogenerated files by autoconf
o configure: remove --automake from libtoolize call
o acinclude.m4: fix shell test for default CA cert bundle/path
o schannel: fix regression in schannel_recv [7]
o openssl: skip trace outputs for ssl_ver == 0 [8]
o gnutls: properly retrieve certificate status
o netrc: Read in text mode when cygwin [9]
o winbuild: Document the option used to statically link the CRT [10]
o FTP: Make EPSV use the control IP address rather than the original host
o FTP: fix dangling conn->ip_addr dereference on verbose EPSV
o conncache: keep bundles on host+port bases, not only host names
o runtests.pl: use 'h2c' now, no -14 anymore
o curlver: introducing new version number (checking) macros
o openssl: boringssl build brekage, use SSL_CTX_set_msg_callback [17]
o CURLOPT_POSTFIELDS.3: correct variable names [18]
o curl_easy_unescape.3: update RFC reference [19]
o gnutls: don't fail on non-fatal alerts during handshake
o testcurl.pl: allow source to be in an arbitrary directory
o CURLOPT_HTTPPROXYTUNNEL.3: only works with a HTTP proxy
o SSPI-error: Change SEC_E_ILLEGAL_MESSAGE description [20]
o parse_proxy: switch off tunneling if non-HTTP proxy [21]
o share_init: fix OOM crash
o perl: remove subdir, not touched in 9 years
o CURLOPT_COOKIELIST.3: Add example
o CURLOPT_COOKIE.3: Explain that the cookies won't be modified [22]
o CURLOPT_COOKIELIST.3: Explain Set-Cookie without a domain [23]
o FAQ: How do I port libcurl to my OS?
o openssl: Use TLS_client_method for OpenSSL 1.1.0+
o HTTP-NTLM: fail auth on connection close instead of looping [24]
o curl_setup: Add macros for FOPEN_READTEXT, FOPEN_WRITETEXT [25]
o curl_getdate.3: update RFC reference
o curl_multi_info_read.3: added example
o curl_multi_perform.3: added example
o curl_multi_timeout.3: added example
o cookie: Stop exporting any-domain cookies [26]
o openssl: remove dummy callback use from SSL_CTX_set_verify()
o openssl: remove SSL_get_session()-using code
o openssl: removed USERDATA_IN_PWD_CALLBACK kludge
o openssl: removed error string #ifdef
o openssl: Fix verification of server-sent legacy intermediates [27]
o docs: man page indentation and syntax fixes
o docs: Spelling fixes
o fopen.c: fix a few compiler warnings
o CURLOPT_OPENSOCKETFUNCTION: return error at once [28]
o
This release includes the following known bugs:
@ -86,45 +22,10 @@ This release includes the following known bugs:
This release would not have looked like this without help, code, reports and
advice from friends like these:
Alessandro Ghedini, Alexander Dyagilev, Anders Bakken, Anthony Avina,
Ashish Shukla, Bert Huijben, Brian Chrisman, Brian Prodoehl, Chris Araman,
Dagobert Michelsen, Dan Fandrich, Daniel Melani, Daniel Stenberg,
Dmitry Eremin-Solenikov, Egon Eckert, Fred Stluka, Gisle Vanem, Grant Pannell,
Isaac Boukris, Jens Rantil, Kamil Dudka, Linus Nielsen, Liviu Chircu,
Marc Hoersken, Michael Osipov, Oren Souroujon, Orgad Shaneh, Patrick Monnerat,
Patrick Rapin, Paul Howarth, Rafayel Mkrtchyan, Ray Satiro, Sean Boudreau,
Tatsuhiro Tsujikawa, Viktor Szakáts, Ville Skyttä, Yehezkel Horowitz,
(37 contributors)
Thanks! (and sorry if I forgot to mention someone)
References to bug reports and discussions on issues:
[1] = http://curl.haxx.se/mail/lib-2015-04/0095.html
[2] = https://github.com/bagder/curl/pull/206
[3] = https://github.com/bagder/curl/commit/5b668606527613179d0349f21b4ab0df2971e3d2#commitcomment-10473445
[4] = https://github.com/bagder/curl/pull/141
[5] = https://github.com/bagder/curl/issues/198
[6] = http://curl.haxx.se/mail/lib-2015-04/0199.html
[7] = https://github.com/bagder/curl/issues/244
[8] = https://github.com/bagder/curl/issues/219
[9] = https://github.com/bagder/curl/pull/258
[10] = https://github.com/bagder/curl/issues/254
[11] = http://curl.haxx.se/libcurl/c/CURLOPT_PROXY_SERVICE_NAME.html
[12] = http://curl.haxx.se/libcurl/c/CURLOPT_SERVICE_NAME.html
[13] = http://curl.haxx.se/docs/manpage.html#--proxy-service-name
[14] = http://curl.haxx.se/docs/manpage.html#--service-name
[15] = http://curl.haxx.se/libcurl/c/CURLOPT_PIPEWAIT.html
[16] = http://curl.haxx.se/libcurl/c/CURLMOPT_PIPELINING.html
[17] = https://github.com/bagder/curl/issues/275
[18] = https://github.com/bagder/curl/issues/281
[19] = https://github.com/bagder/curl/issues/282
[20] = https://github.com/bagder/curl/issues/267
[21] = http://curl.haxx.se/mail/lib-2015-05/0056.html
[22] = http://curl.haxx.se/mail/lib-2015-05/0115.html
[23] = http://curl.haxx.se/mail/lib-2015-05/0137.html
[24] = https://github.com/bagder/curl/issues/256
[25] = https://github.com/bagder/curl/pull/258#issuecomment-107093055
[26] = https://github.com/bagder/curl/issues/292
[27] = https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest
[28] = http://curl.haxx.se/mail/lib-2015-06/0047.html
[1] =

18
docs/BINDINGS
View File

@ -78,7 +78,7 @@ Ferite
Gambas
http://gambas.sourceforge.net
http://gambas.sourceforge.net/
glib/GTK+
@ -130,7 +130,7 @@ Mono
.NET
libcurl-net by Jeffrey Phillips
http://sourceforge.net/projects/libcurl-net/
https://sourceforge.net/projects/libcurl-net/
node.js
@ -145,7 +145,7 @@ Object-Pascal
O'Caml
Written by Lars Nilsson
http://sourceforge.net/projects/ocurl/
https://sourceforge.net/projects/ocurl/
Pascal
@ -160,7 +160,7 @@ Perl
PHP
Written by Sterling Hughes
http://php.net/curl
https://php.net/curl
PostgreSQL
@ -174,8 +174,7 @@ Python
R
RCurl by Duncan Temple Lang
http://www.omegahat.org/RCurl/
http://cran.r-project.org/package=curl
Rexx
@ -234,7 +233,7 @@ Tcl
Visual Basic
libcurl-vb by Jeffrey Phillips
http://sourceforge.net/projects/libcurl-vb/
https://sourceforge.net/projects/libcurl-vb/
Visual Foxpro
@ -254,3 +253,8 @@ XBLite
Written by David Szafranski
http://perso.wanadoo.fr/xblite/libraries.html
Xojo
Written by Andrew Lambert
https://github.com/charonn0/RB-libcURL

6
docs/CONTRIBUTE
View File

@ -203,7 +203,7 @@
You need to first checkout the repository:
git clone git://github.com/bagder/curl.git
git clone https://github.com/bagder/curl.git
You then proceed and edit all the files you like and you commit them to your
local repository:
@ -245,8 +245,8 @@
For unix-like operating systems:
http://www.gnu.org/software/patch/patch.html
http://www.gnu.org/directory/diffutils.html
https://savannah.gnu.org/projects/patch/
https://www.gnu.org/software/diffutils/
For Windows:

14
docs/DISTRO-DILEMMA
View File

@ -112,7 +112,7 @@ The Better License, Original BSD, GPL or LGPL?
In Debian land, there seems to be a common opinion that LGPL is "maximally
compatible" with apps while Original BSD is not. Like this:
http://lists.debian.org/debian-devel/2005/09/msg01417.html
https://lists.debian.org/debian-devel/2005/09/msg01417.html
More SSL Libraries
@ -163,13 +163,13 @@ Distro Angle of this Problem
Footnotes
[1] = http://www.xfree86.org/3.3.6/COPYRIGHT2.html#6
[2] = http://www.fsf.org/licensing/essays/bsd.html
[3] = http://www.fsf.org/licensing/licenses/gpl.html
[2] = https://www.gnu.org/philosophy/bsd.html
[3] = https://www.gnu.org/licenses/gpl.html
[4] = http://curl.haxx.se/docs/copyright.html
[5] = http://www.openssl.org/source/license.html
[6] = http://www.fsf.org/licensing/licenses/gpl.html end of section 3
[7] = http://www.fsf.org/licensing/licenses/lgpl.html
[8] = http://en.wikipedia.org/wiki/OpenSSL_exception
[5] = https://www.openssl.org/source/license.html
[6] = https://www.gnu.org/licenses/gpl.html end of section 3
[7] = https://www.gnu.org/licenses/lgpl.html
[8] = https://en.wikipedia.org/wiki/OpenSSL_exception
Feedback/Updates provided by

12
docs/FAQ
View File

@ -352,7 +352,7 @@ FAQ
cryptography. When doing so, the Export Control Classification Number (ECCN)
is used to identify the level of export control etc.
ASF gives a good explanation at http://www.apache.org/dev/crypto.html
ASF gives a good explanation at https://www.apache.org/dev/crypto.html
We believe curl's number might be ECCN 5D002, another possibility is
5D992. It seems necessary to write them, asking to confirm.
@ -1042,7 +1042,7 @@ FAQ
timeout is set.
See option TcpMaxConnectRetransmissions on this page:
http://support.microsoft.com/?scid=kb%3Ben-us%3B175523&x=6&y=7
https://support.microsoft.com/en-us/kb/175523/en-us
Also, even on non-Windows systems there may run a firewall or anti-virus
software or similar that accepts the connection but does not actually do
@ -1059,7 +1059,7 @@ FAQ
You'll find that even if D:\blah.txt does exist, cURL returns a 'file
not found' error.
According to RFC 1738 (http://www.faqs.org/rfcs/rfc1738.html),
According to RFC 1738 (https://www.ietf.org/rfc/rfc1738.txt),
file:// URLs must contain a host component, but it is ignored by
most implementations. In the above example, 'D:' is treated as the
host component, and is taken away. Thus, cURL tries to open '/blah.txt'.
@ -1163,13 +1163,13 @@ FAQ
If you use a OpenSSL-powered libcurl in a multi-threaded environment, you
need to provide one or two locking functions:
http://www.openssl.org/docs/crypto/threads.html
https://www.openssl.org/docs/crypto/threads.html
If you use a GnuTLS-powered libcurl in a multi-threaded environment, you
need to provide locking function(s) for libgcrypt (which is used by GnuTLS
for the crypto functions).
http://www.gnu.org/software/gnutls/manual/html_node/Multi_002dthreaded-applications.html
https://web.archive.org/web/20111103083330/http://www.gnu.org/software/gnutls/manual/html_node/Multi_002dthreaded-applications.html
No special locking is needed with a NSS-powered libcurl. NSS is thread-safe.
@ -1345,7 +1345,7 @@ FAQ
Also note that on many networks NATs or other IP-munging techniques are used
that makes you see and use a different IP address locally than what the
remote server will see you coming from. You may also consider using
http://www.torproject.org .
https://www.torproject.org/ .
5.13 How do I stop an ongoing transfer?

2
docs/HTTP-COOKIES
View File

@ -36,7 +36,7 @@ HTTP Cookies
For a very long time, the only spec explaining how to use cookies was the
original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html
In 2011, RFC6265 (http://www.ietf.org/rfc/rfc6265.txt) was finally published
In 2011, RFC6265 (https://www.ietf.org/rfc/rfc6265.txt) was finally published
and details how cookies work within HTTP.
1.2 Cookies saved to disk

4
docs/HTTP2.md
View File

@ -1,7 +1,7 @@
HTTP/2 with curl
================
[HTTP/2 Spec](http://www.rfc-editor.org/rfc/rfc7540.txt)
[HTTP/2 Spec](https://www.rfc-editor.org/rfc/rfc7540.txt)
[http2 explained](http://daniel.haxx.se/http2/)
Build prerequisites
@ -95,7 +95,7 @@ same origin server that you get the response from. A browser or long-living
client can use that hint to create a new connection asynchronously. For
libcurl, we may introduce a way to bring such clues to the applicaton and/or
let a subsequent request use the alternate route
automatically. [Spec](http://tools.ietf.org/html/draft-ietf-httpbis-alt-svc-05)
automatically. [Spec](https://tools.ietf.org/html/draft-ietf-httpbis-alt-svc-05)
TODO
----

53
docs/INSTALL
View File

@ -173,13 +173,13 @@ Win32
advice given above.
KB94248 - How To Use the C Run-Time
http://support.microsoft.com/kb/94248/en-us
https://support.microsoft.com/kb/94248/en-us
KB140584 - How to link with the correct C Run-Time (CRT) library
http://support.microsoft.com/kb/140584/en-us
https://support.microsoft.com/kb/140584/en-us
KB190799 - Potential Errors Passing CRT Objects Across DLL Boundaries
http://msdn.microsoft.com/en-us/library/ms235460
https://msdn.microsoft.com/en-us/library/ms235460
If your app is misbehaving in some strange way, or it is suffering
from memory corruption, before asking for further help, please try
@ -209,8 +209,8 @@ Win32
environment variables, for example:
set ZLIB_PATH=c:\zlib-1.2.8
set OPENSSL_PATH=c:\openssl-0.9.8zc
set LIBSSH2_PATH=c:\libssh2-1.4.3
set OPENSSL_PATH=c:\openssl-1.0.2c
set LIBSSH2_PATH=c:\libssh2-1.6.0
ATTENTION: if you want to build with libssh2 support you have to use latest
version 0.17 - previous versions will NOT work with 7.17.0 and later!
@ -232,7 +232,7 @@ Win32
- optional MingW32-built OpenLDAP SDK available from:
http://www.gknw.net/mirror/openldap/
- optional recent Novell CLDAP SDK available from:
http://developer.novell.com/ndk/cldap.htm
https://www.novell.com/developer/ndk/ldap_libraries_for_c.html
Cygwin
------
@ -254,7 +254,7 @@ Win32
If you use MSVC 6 it is required that you use the February 2003 edition of
the 'Platform SDK' which can be downloaded from:
http://www.microsoft.com/en-us/download/details.aspx?id=12261
https://www.microsoft.com/en-us/download/details.aspx?id=12261
Building any software with MSVC 6 without having PSDK installed is just
asking for trouble down the road once you have released it, you might notice
@ -263,7 +263,7 @@ Win32
software built in such way will at some point regret having done so.
If the compiler has been updated with the installation of a service pack as
those mentioned in http://support.microsoft.com/kb/194022 the compiler can be
those mentioned in https://support.microsoft.com/kb/194022 the compiler can be
safely used to read source code, translate and make it object code.
But, even with the service packs mentioned above installed, the resulting
@ -299,7 +299,7 @@ Win32
Then run 'nmake vc' in curl's root directory.
If you want to compile with zlib support, you will need to build
zlib (http://www.gzip.org/zlib/) as well. Please read the zlib
zlib (http://www.zlib.net/) as well. Please read the zlib
documentation on how to compile zlib. Define the ZLIB_PATH environment
variable to the location of zlib.h and zlib.lib, for example:
@ -471,6 +471,15 @@ Win32
add '-DCURL_STATICLIB' to your CFLAGS. Otherwise the linker will look for
dynamic import symbols.
Legacy Windows and SSL
----------------------
WinSSL (Windows SSPI, more specifically Schannel), is the native SSL library
that comes with the Windows OS. WinSSL in Windows <= XP is not able to
connect to servers that no longer support the legacy handshakes and
algorithms used by those versions. If you will be using curl in one of those
earlier versions of Windows you should choose another SSL backend like
OpenSSL.
Apple iOS and Mac OS X
======================
@ -665,12 +674,10 @@ NetWare
- gnu make and awk running on the platform you compile on;
native Win32 versions can be downloaded from:
http://www.gknw.net/development/prgtools/
- recent Novell LibC SDK available from:
http://developer.novell.com/ndk/libc.htm
- or recent Novell CLib SDK available from:
http://developer.novell.com/ndk/clib.htm
- recent Novell LibC or Novell CLib SDK available from:
https://www.novell.com/developer/ndk/
- optional recent Novell CLDAP SDK available from:
http://developer.novell.com/ndk/cldap.htm
https://www.novell.com/developer/ndk/ldap_libraries_for_c.html
- optional zlib sources (static or dynamic linking with zlib.imp);
sources with NetWare Makefile can be obtained from:
http://www.gknw.net/mirror/zlib/
@ -825,7 +832,7 @@ VxWorks
To build libcurl for VxWorks you need:
- CYGWIN (free, http://cygwin.com/)
- CYGWIN (free, https://cygwin.com/)
- Wind River Workbench (commercial)
If you have CYGWIN and Workbench installed on you machine
@ -1086,18 +1093,18 @@ Useful URLs
axTLS http://axtls.sourceforge.net/
c-ares http://c-ares.haxx.se/
GNU GSS http://www.gnu.org/software/gss/
GnuTLS http://www.gnu.org/software/gnutls/
Heimdal http://www.pdc.kth.se/heimdal/
libidn http://www.gnu.org/software/libidn/
GNU GSS https://www.gnu.org/software/gss/
GnuTLS https://www.gnu.org/software/gnutls/
Heimdal http://www.h5l.org/
libidn https://www.gnu.org/software/libidn/
libmetalink https://launchpad.net/libmetalink/
libssh2 http://www.libssh2.org/
MIT Kerberos http://web.mit.edu/kerberos/www/dist/
NSS http://www.mozilla.org/projects/security/pki/nss/
NSS https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
OpenLDAP http://www.openldap.org/
OpenSSL http://www.openssl.org/
PolarSSL http://polarssl.org/
yassl http://www.yassl.com/
OpenSSL https://www.openssl.org/
PolarSSL https://tls.mbed.org/
wolfSSL https://www.wolfssl.com/wolfSSL/
Zlib http://www.zlib.net/
MingW http://www.mingw.org/

2
docs/INSTALL.devcpp
View File

@ -95,7 +95,7 @@ install instructions may produce erratic behaviour in DevCpp. For further info
check the following sites
http://aditsu.freeunixhost.com/dev-cpp-faq.html
http://sourceforge.net/forum/message.php?msg_id=3252213
https://sourceforge.net/p/dev-cpp/discussion/48211/thread/2a85ea46
As I have mentioned before I will confine this to the SSL Library compilations
but the process is very similar for compilation of the executable - curl.exe;

907
docs/INTERNALS
View File

File diff suppressed because it is too large Load Diff

2
docs/KNOWN_BUGS
View File

@ -97,7 +97,7 @@ may have been fixed since this was written!
something beyond ascii but currently libcurl will only pass in the verbatim
string the app provides. There are several browsers that already do this
encoding. The key seems to be the updated draft to RFC2231:
http://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02
https://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02
66. When using telnet, the time limitation options don't work.
http://curl.haxx.se/bug/view.cgi?id=846

248
docs/LIBCURL-STRUCTS
View File

@ -1,248 +0,0 @@
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
Structs in libcurl
This document should cover 7.32.0 pretty accurately, but will make sense even
for older and later versions as things don't change drastically that often.
1. The main structs in libcurl
1.1 SessionHandle
1.2 connectdata
1.3 Curl_multi
1.4 Curl_handler
1.5 conncache
1.6 Curl_share
1.7 CookieInfo
==============================================================================
1. The main structs in libcurl
1.1 SessionHandle
The SessionHandle handle struct is the one returned to the outside in the
external API as a "CURL *". This is usually known as an easy handle in API
documentations and examples.
Information and state that is related to the actual connection is in the
'connectdata' struct. When a transfer is about to be made, libcurl will
either create a new connection or re-use an existing one. The particular
connectdata that is used by this handle is pointed out by
SessionHandle->easy_conn.
Data and information that regard this particular single transfer is put in
the SingleRequest sub-struct.
When the SessionHandle struct is added to a multi handle, as it must be in
order to do any transfer, the ->multi member will point to the Curl_multi
struct it belongs to. The ->prev and ->next members will then be used by the
multi code to keep a linked list of SessionHandle structs that are added to
that same multi handle. libcurl always uses multi so ->multi *will* point to
a Curl_multi when a transfer is in progress.
->mstate is the multi state of this particular SessionHandle. When
multi_runsingle() is called, it will act on this handle according to which
state it is in. The mstate is also what tells which sockets to return for a
specific SessionHandle when curl_multi_fdset() is called etc.
The libcurl source code generally use the name 'data' for the variable that
points to the SessionHandle.
When doing multiplexed HTTP/2 transfers, each SessionHandle is associated
with an individual stream, sharing the same connectdata struct. Multiplexing
makes it even more important to keep things associated with the right thing!
1.2 connectdata
A general idea in libcurl is to keep connections around in a connection
"cache" after they have been used in case they will be used again and then
re-use an existing one instead of creating a new as it creates a significant
performance boost.
Each 'connectdata' identifies a single physical connection to a server. If
the connection can't be kept alive, the connection will be closed after use
and then this struct can be removed from the cache and freed.
Thus, the same SessionHandle can be used multiple times and each time select
another connectdata struct to use for the connection. Keep this in mind, as
it is then important to consider if options or choices are based on the
connection or the SessionHandle.
Functions in libcurl will assume that connectdata->data points to the
SessionHandle that uses this connection (for the moment).
As a special complexity, some protocols supported by libcurl require a
special disconnect procedure that is more than just shutting down the
socket. It can involve sending one or more commands to the server before
doing so. Since connections are kept in the connection cache after use, the
original SessionHandle may no longer be around when the time comes to shut
down a particular connection. For this purpose, libcurl holds a special
dummy 'closure_handle' SessionHandle in the Curl_multi struct to
FTP uses two TCP connections for a typical transfer but it keeps both in
this single struct and thus can be considered a single connection for most
internal concerns.
The libcurl source code generally use the name 'conn' for the variable that
points to the connectdata.
1.3 Curl_multi
Internally, the easy interface is implemented as a wrapper around multi
interface functions. This makes everything multi interface.
Curl_multi is the multi handle struct exposed as "CURLM *" in external APIs.
This struct holds a list of SessionHandle structs that have been added to
this handle with curl_multi_add_handle(). The start of the list is ->easyp
and ->num_easy is a counter of added SessionHandles.
->msglist is a linked list of messages to send back when
curl_multi_info_read() is called. Basically a node is added to that list
when an individual SessionHandle's transfer has completed.
->hostcache points to the name cache. It is a hash table for looking up name
to IP. The nodes have a limited life time in there and this cache is meant
to reduce the time for when the same name is wanted within a short period of
time.
->timetree points to a tree of SessionHandles, sorted by the remaining time
until it should be checked - normally some sort of timeout. Each
SessionHandle has one node in the tree.
->sockhash is a hash table to allow fast lookups of socket descriptor to
which SessionHandle that uses that descriptor. This is necessary for the
multi_socket API.
->conn_cache points to the connection cache. It keeps track of all
connections that are kept after use. The cache has a maximum size.
->closure_handle is described in the 'connectdata' section.
The libcurl source code generally use the name 'multi' for the variable that
points to the Curl_multi struct.
1.4 Curl_handler
Each unique protocol that is supported by libcurl needs to provide at least
one Curl_handler struct. It defines what the protocol is called and what
functions the main code should call to deal with protocol specific issues.
In general, there's a source file named [protocol].c in which there's a
"struct Curl_handler Curl_handler_[protocol]" declared. In url.c there's
then the main array with all individual Curl_handler structs pointed to from
a single array which is scanned through when a URL is given to libcurl to
work with.
->scheme is the URL scheme name, usually spelled out in uppercase. That's
"HTTP" or "FTP" etc. SSL versions of the protcol need its own Curl_handler
setup so HTTPS separate from HTTP.
->setup_connection is called to allow the protocol code to allocate protocol
specific data that then gets associated with that SessionHandle for the rest
of this transfer. It gets freed again at the end of the transfer. It will be
called before the 'connectdata' for the transfer has been selected/created.
Most protocols will allocate its private 'struct [PROTOCOL]' here and assign
SessionHandle->req.protop to point to it.
->connect_it allows a protocol to do some specific actions after the TCP
connect is done, that can still be considered part of the connection phase.
Some protocols will alter the connectdata->recv[] and connectdata->send[]
function pointers in this function.
->connecting is similarly a function that keeps getting called as long as the
protocol considers itself still in the connecting phase.
->do_it is the function called to issue the transfer request. What we call
the DO action internally. If the DO is not enough and things need to be kept
getting done for the entire DO sequence to complete, ->doing is then usually
also provided. Each protocol that needs to do multiple commands or similar
for do/doing need to implement their own state machines (see SCP, SFTP,
FTP). Some protocols (only FTP and only due to historical reasons) has a
separate piece of the DO state called DO_MORE.
->doing keeps getting called while issuing the transfer request command(s)
->done gets called when the transfer is complete and DONE. That's after the
main data has been transferred.
->do_more gets called during the DO_MORE state. The FTP protocol uses this
state when setting up the second connection.
->proto_getsock
->doing_getsock
->domore_getsock
->perform_getsock
Functions that return socket information. Which socket(s) to wait for which
action(s) during the particular multi state.
->disconnect is called immediately before the TCP connection is shutdown.
->readwrite gets called during transfer to allow the protocol to do extra
reads/writes
->defport is the default report TCP or UDP port this protocol uses
->protocol is one or more bits in the CURLPROTO_* set. The SSL versions have
their "base" protocol set and then the SSL variation. Like "HTTP|HTTPS".
->flags is a bitmask with additional information about the protocol that will
make it get treated differently by the generic engine:
PROTOPT_SSL - will make it connect and negotiate SSL
PROTOPT_DUAL - this protocol uses two connections
PROTOPT_CLOSEACTION - this protocol has actions to do before closing the
connection. This flag is no longer used by code, yet still set for a bunch
protocol handlers.
PROTOPT_DIRLOCK - "direction lock". The SSH protocols set this bit to
limit which "direction" of socket actions that the main engine will
concern itself about.
PROTOPT_NONETWORK - a protocol that doesn't use network (read file:)
PROTOPT_NEEDSPWD - this protocol needs a password and will use a default
one unless one is provided
PROTOPT_NOURLQUERY - this protocol can't handle a query part on the URL
(?foo=bar)
1.5 conncache
Is a hash table with connections for later re-use. Each SessionHandle has
a pointer to its connection cache. Each multi handle sets up a connection
cache that all added SessionHandles share by default.
1.6 Curl_share
The libcurl share API allocates a Curl_share struct, exposed to the external
API as "CURLSH *".
The idea is that the struct can have a set of own versions of caches and
pools and then by providing this struct in the CURLOPT_SHARE option, those
specific SessionHandles will use the caches/pools that this share handle
holds.
Then individual SessionHandle structs can be made to share specific things
that they otherwise wouldn't, such as cookies.
The Curl_share struct can currently hold cookies, DNS cache and the SSL
session cache.
1.7 CookieInfo
This is the main cookie struct. It holds all known cookies and related
information. Each SessionHandle has its own private CookieInfo even when
they are added to a multi handle. They can be made to share cookies by using
the share API.

46
docs/LICENSE-MIXING
View File

@ -23,29 +23,29 @@ libcurl http://curl.haxx.se/docs/copyright.html
Uses an MIT (or Modified BSD)-style license that is as liberal as
possible.
OpenSSL http://www.openssl.org/source/license.html
OpenSSL https://www.openssl.org/source/license.html
(May be used for SSL/TLS support) Uses an Original BSD-style license
with an announcement clause that makes it "incompatible" with GPL. You
are not allowed to ship binaries that link with OpenSSL that includes
GPL code (unless that specific GPL code includes an exception for
OpenSSL - a habit that is growing more and more common). If OpenSSL's
licensing is a problem for you, consider using GnuTLS or yassl
instead.
licensing is a problem for you, consider using another TLS library.
GnuTLS http://www.gnutls.org/
(May be used for SSL/TLS support) Uses the LGPL[3] license. If this is
a problem for you, consider using OpenSSL instead. Also note that
a problem for you, consider using another TLS library. Also note that
GnuTLS itself depends on and uses other libs (libgcrypt and
libgpg-error) and they too are LGPL- or GPL-licensed.
yassl http://www.yassl.com/
WolfSSL https://www.wolfssl.com/
(May be used for SSL/TLS support) Uses the GPL[1] license. If this is
a problem for you, consider using OpenSSL or GnuTLS instead.
(May be used for SSL/TLS support) Uses the GPL[1] license or a
propietary license. If this is a problem for you, consider using
another TLS library.
NSS http://www.mozilla.org/projects/security/pki/nss/
NSS https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
(May be used for SSL/TLS support) Is covered by the MPL[4] license,
the GPL[1] license and the LGPL[3] license. You may choose to license
@ -57,13 +57,29 @@ axTLS http://axtls.sourceforge.net/
(May be used for SSL/TLS support) Uses a Modified BSD-style license.
mbedTLS https://tls.mbed.org/
(May be used for SSL/TLS support) Uses the GPL[1] license or a
propietary license. If this is a problem for you, consider using
another TLS library.
BoringSSL https://boringssl.googlesource.com/
(May be used for SSL/TLS support) As an OpenSSL fork, it has the same
license as that.
libressl http://www.libressl.org/
(May be used for SSL/TLS support) As an OpenSSL fork, it has the same
license as that.
c-ares http://daniel.haxx.se/projects/c-ares/license.html
(Used for asynchronous name resolves) Uses an MIT license that is very
liberal and imposes no restrictions on any other library or part you
may link with.
zlib http://www.gzip.org/zlib/zlib_license.html
zlib http://www.zlib.net/zlib_license.html
(Used for compressed Transfer-Encoding support) Uses an MIT-style
license that shouldn't collide with any other library.
@ -73,12 +89,12 @@ MIT Kerberos http://web.mit.edu/kerberos/www/dist/
(May be used for GSS support) MIT licensed, that shouldn't collide
with any other parts.
Heimdal http://www.pdc.kth.se/heimdal/
Heimdal http://www.h5l.org
(May be used for GSS support) Heimdal is Original BSD licensed with
the announcement clause.
GNU GSS http://www.gnu.org/software/gss/
GNU GSS https://www.gnu.org/software/gss/
(May be used for GSS support) GNU GSS is GPL licensed. Note that you
may not distribute binary curl packages that uses this if you build
@ -105,10 +121,10 @@ libssh2 http://www.libssh2.org/
(Used for scp and sftp support) libssh2 uses a Modified BSD-style
license.
[1] = GPL - GNU General Public License: http://www.gnu.org/licenses/gpl.html
[2] = http://www.fsf.org/licenses/gpl-faq.html#GPLIncompatibleLibs details on
[1] = GPL - GNU General Public License: https://www.gnu.org/licenses/gpl.html
[2] = https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs details on
how to write such an exception to the GPL
[3] = LGPL - GNU Lesser General Public License:
http://www.gnu.org/licenses/lgpl.html
https://www.gnu.org/licenses/lgpl.html
[4] = MPL - Mozilla Public License:
http://www.mozilla.org/MPL/
https://www.mozilla.org/MPL/

2
docs/MAIL-ETIQUETTE
View File

@ -230,7 +230,7 @@ MAIL ETIQUETTE
Quote as little as possible. Just enough to provide the context you cannot
leave out. A lengthy description can be found here:
http://www.netmeister.org/news/learn2quote.html
https://www.netmeister.org/news/learn2quote.html
2.7 Digest

2
docs/Makefile.am
View File

@ -37,7 +37,7 @@ EXTRA_DIST = MANUAL BUGS CONTRIBUTE FAQ FEATURES INTERNALS SSLCERTS \
README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS \
KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY INSTALL \
$(PDFPAGES) LICENSE-MIXING README.netware DISTRO-DILEMMA INSTALL.devcpp \
MAIL-ETIQUETTE HTTP-COOKIES LIBCURL-STRUCTS SECURITY RELEASE-PROCEDURE \
MAIL-ETIQUETTE HTTP-COOKIES SECURITY RELEASE-PROCEDURE \
SSL-PROBLEMS HTTP2.md ROADMAP.md
MAN2HTML= roffit < $< >$@

6
docs/RELEASE-PROCEDURE
View File

@ -1,9 +1,3 @@
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
curl release procedure - how to do a release
============================================

2
docs/SSL-PROBLEMS
View File

@ -53,7 +53,7 @@ SSL ciphers
References:
http://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01
https://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01
Allow BEAST

23
docs/THANKS
View File

@ -36,6 +36,7 @@ Alex Suykov
Alex Vinnik
Alex aka WindEagle
Alexander Beedie
Alexander Dyagilev
Alexander Elgert
Alexander Klauer
Alexander Kourakos
@ -55,6 +56,7 @@ Alona Rossen
Amol Pattekar
Amr Shahin
Anatoli Tubman
Anders Bakken
Anders Gustafsson
Anders Havn
Andi Jahja
@ -90,6 +92,7 @@ Andy Serpa
Andy Tsouladze
Angus Mackay
Anthon Pang
Anthony Avina
Anthony Bryan
Anthony G. Basile
Antoine Calando
@ -104,6 +107,7 @@ Arnaud Ebalard
Arthur Murray
Arve Knudsen
Arvid Norberg
Ashish Shukla
Ask Bjørn Hansen
Askar Safin
Ates Goral
@ -131,6 +135,7 @@ Benoit Neil
Benoit Sigoure
Bernard Leak
Bernhard Reutner-Fischer
Bert Huijben
Bertrand Demiddelaer
Bill Doyle
Bill Egert
@ -157,8 +162,10 @@ Brandon Wang
Brendan Jurd
Brent Beardsley
Brian Akins
Brian Chrisman
Brian Dessent
Brian J. Murrell
Brian Prodoehl
Brian R Duffy
Brian Ulm
Brock Noland
@ -182,6 +189,7 @@ Charles Romestant
Chen Prog
Chih-Chung Chang
Chris "Bob Bob"
Chris Araman
Chris Combes
Chris Conlon
Chris Deidun
@ -245,6 +253,7 @@ Daniel Black
Daniel Cater
Daniel Egger
Daniel Johnson
Daniel Melani
Daniel Mentz
Daniel Steinberg
Daniel Stenberg
@ -306,6 +315,7 @@ Dirk Manske
Dmitri Shubin
Dmitriy Sergeyev
Dmitry Bartsevich
Dmitry Eremin-Solenikov
Dmitry Falko
Dmitry Kurochkin
Dmitry Popov
@ -321,6 +331,7 @@ Douglas Kilpatrick
Douglas R. Horner
Douglas Steinwand
Dov Murik
Drake Arconis
Duane Cathey
Duncan Mac-Vicar Prett
Dustin Boswell
@ -335,6 +346,7 @@ Edward Rudd
Edward Sheldrake
Eelco Dolstra
Eetu Ojanen
Egon Eckert
Eldar Zaitov
Ellis Pritchard
Elmira A Semenova
@ -390,6 +402,7 @@ François Charlier
Fred Machado
Fred New
Fred Noz
Fred Stluka
Frederic Lepied
Fredrik Thulin
Gabriel Kuri
@ -427,6 +440,7 @@ Glenn Sheridan
Gordon Marler
Gorilla Maguila
Grant Erickson
Grant Pannell
Greg Hewgill
Greg Morse
Greg Onufer
@ -540,6 +554,7 @@ Jeff Lawson
Jeff Phillips
Jeff Pohlmeyer
Jeff Weber
Jens Rantil
Jeremy Friesner
Jeremy Huddleston
Jeremy Lin
@ -567,6 +582,7 @@ Joe Halpin
Joe Malicki
Joe Mason
Joel Chen
Joel Depooter
Jofell Gallardo
Johan Anderson
Johan Lantz
@ -705,6 +721,7 @@ Lindley French
Ling Thio
Linus Nielsen Feltzing
Lisa Xu
Liviu Chircu
Liza Alenchery
Lluís Batlle i Rossell
Loic Dachary
@ -888,6 +905,7 @@ Oliver Schindler
Olivier Berger
Oren Souroujon
Oren Tirosh
Orgad Shaneh
Ori Avtalion
Oscar Koeroo
Oscar Norlander
@ -916,6 +934,7 @@ Paul Marks
Paul Marquis
Paul Moore
Paul Nolan
Paul Oliver
Paul Querna
Paul Saab
Pavel Cenek
@ -973,6 +992,7 @@ Quinn Slack
Radu Simionescu
Rafa Muyo
Rafael Sagula
Rafayel Mkrtchyan
Rafaël Carré
Rainer Canavan
Rainer Jung
@ -1076,6 +1096,7 @@ Scott Barrett
Scott Cantor
Scott Davis
Scott McCreary
Sean Boudreau
Sebastian Rasmussen
Senthil Raja Velu
Sergei Nikulov
@ -1191,6 +1212,7 @@ Tomas Hoger
Tomas Mlcoch
Tomas Pospisek
Tomas Szepe
Tomas Tomecek
Tomasz Kojm
Tomasz Lacki
Tommie Gannert
@ -1218,6 +1240,7 @@ Victor Snezhko
Vijay Panghal
Vikram Saxena
Viktor Szakáts
Ville Skyttä
Vilmos Nebehaj
Vincent Bronner
Vincent Le Normand

1
docs/THANKS-filter
View File

@ -49,3 +49,4 @@ s/tetetest tetetest//
s/Jiří Hruška/Jiri Hruska/
s/Viktor Szakats/Viktor Szakáts/
s/Jonathan Cardoso/Jonathan Cardoso Machado/
s/Linus Nielsen/Linus Nielsen Feltzing/

19
docs/TODO
View File

@ -25,6 +25,7 @@
1.7 Detect when called from within callbacks
1.8 Allow SSL (HTTPS) to proxy
1.9 Cache negative name resolves
1.10 Support IDNA2008
2. libcurl - multi interface
2.1 More non-blocking
@ -208,7 +209,7 @@
To prevent local users from snooping on your traffic to the proxy. Supported
by Chrome already:
http://www.chromium.org/developers/design-documents/secure-web-proxy
https://www.chromium.org/developers/design-documents/secure-web-proxy
...and by Firefox soon:
https://bugzilla.mozilla.org/show_bug.cgi?id=378637
@ -218,6 +219,12 @@
A name resolve that has failed is likely to fail when made again within a
short period of time. Currently we only cache positive responses.
1.10 Support IDNA2008
International Domain Names are supported in libcurl since years back, powered
by libidn. libidn implements IDNA2003 which has been superseded by IDNA2008.
libidn2 is an existing library offering support for IDNA2008.
2. libcurl - multi interface
@ -265,7 +272,7 @@
HOST is a command for a client to tell which host name to use, to offer FTP
servers named-based virtual hosting:
http://tools.ietf.org/html/rfc7151
https://tools.ietf.org/html/rfc7151
4.2 Alter passive/active on failure and retry
@ -493,7 +500,7 @@ Currently the SMB authentication uses NTLMv1.
DNS-Based Authentication of Named Entities (DANE) is a way to provide SSL
keys and certs over DNS using DNSSEC as an alternative to the CA model.
http://www.rfc-editor.org/rfc/rfc6698.txt
https://www.rfc-editor.org/rfc/rfc6698.txt
An initial patch was posted by Suresh Krishnaswamy on March 7th 2013
(http://curl.haxx.se/mail/lib-2013-03/0075.html) but it was a too simple
@ -523,7 +530,7 @@ Currently the SMB authentication uses NTLMv1.
Therefore support for the existing -E/--cert and --key options should be
implemented by supplying a custom certificate to the SChannel APIs, see:
- Getting a Certificate for Schannel
http://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx
https://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx
15.2 Add support for custom server certificate validation
@ -534,7 +541,7 @@ Currently the SMB authentication uses NTLMv1.
Therefore support for the existing --cacert or --capath options should be
implemented by supplying a custom certificate to the SChannel APIs, see:
- Getting a Certificate for Schannel
http://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx
https://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx
15.3 Add support for the --ciphers option
@ -545,7 +552,7 @@ Currently the SMB authentication uses NTLMv1.
Therefore support for the existing --ciphers option should be implemented
by mapping the OpenSSL/GnuTLS cipher suites to the SChannel APIs, see
- Specifying Schannel Ciphers and Cipher Strengths
http://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx
https://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx
16. SASL

20
docs/VERSIONS
View File

@ -1,22 +1,18 @@
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
Version Numbers and Releases
============================
Curl is not only curl. Curl is also libcurl. They're actually individually
versioned, but they mostly follow each other rather closely.
The version numbering is always built up using the same system:
X.Y[.Z]
X.Y.Z
Where
X is main version number
Y is release number
Z is patch number
- X is main version number
- Y is release number
- Z is patch number
## Bumping numbers
One of these numbers will get bumped in each new release. The numbers to the
right of a bumped number will be reset to zero. If Z is zero, it may not be
@ -57,4 +53,4 @@ Version Numbers and Releases
release. It makes comparisons with greater than and less than work.
This number is also available as three separate defines:
LIBCURL_VERSION_MAJOR, LIBCURL_VERSION_MINOR and LIBCURL_VERSION_PATCH.
`LIBCURL_VERSION_MAJOR`, `LIBCURL_VERSION_MINOR` and `LIBCURL_VERSION_PATCH`.

18
docs/curl.1
View File

@ -39,8 +39,7 @@ resume, Metalink, and more. As you will see below, the number of features will
make your head spin!
curl is powered by libcurl for all transfer-related features. See
.BR libcurl (3)
for details.
\fIlibcurl(3)\fP for details.
.SH URL
The URL syntax is protocol-dependent. You'll find a detailed description in
RFC 3986.
@ -269,11 +268,11 @@ If this option is used several times, the last one will be used.
.IP "--ciphers <list of ciphers>"
(SSL) Specifies which ciphers to use in the connection. The list of ciphers
must specify valid ciphers. Read up on SSL cipher list details on this URL:
\fIhttp://www.openssl.org/docs/apps/ciphers.html\fP
\fIhttps://www.openssl.org/docs/apps/ciphers.html\fP
NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of NSS
ciphers is in the NSSCipherSuite entry at this URL:
\fIhttp://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\fP
\fIhttps://git.fedorahosted.org/cgit/mod_nss.git/plain/docs/mod_nss.html#Directives\fP
If this option is used several times, the last one will be used.
.IP "--compressed"
@ -1060,13 +1059,10 @@ in Metalink file, hash check will fail.
Makes curl scan the \fI.netrc\fP (\fI_netrc\fP on Windows) file in the user's
home directory for login name and password. This is typically used for FTP on
Unix. If used with HTTP, curl will enable user authentication. See
.BR netrc(4)
or
.BR ftp(1)
for details on the file format. Curl will not complain if that file
doesn't have the right permissions (it should not be either world- or
group-readable). The environment variable "HOME" is used to find the home
directory.
\fInetrc(5)\fP \fIftp(1)\fP for details on the file format. Curl will not
complain if that file doesn't have the right permissions (it should not be
either world- or group-readable). The environment variable "HOME" is used to
find the home directory.
A quick and very simple example of how to setup a \fI.netrc\fP to allow curl
to FTP to the machine host.domain.com with user name \&'myself' and password

9
docs/examples/10-at-a-time.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,9 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* Example application source code using the multi interface to download many
* files, but with a capped maximum amount of simultaneous transfers.
*
/* <DESC>
* Source code using the multi interface to download many
* files, with a capped maximum amount of simultaneous transfers.
* </DESC>
* Written by Michael Wallner
*/

7
docs/examples/anyauthput.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,6 +19,11 @@
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* HTTP PUT upload with authentiction using "any" method. libcurl picks the
* one the server supports/wants.
* </DESC>
*/
#include <stdio.h>
#include <fcntl.h>
#ifdef WIN32

10
docs/examples/asiohiper.cpp
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 2012 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -20,11 +20,11 @@
*
***************************************************************************/
/* <DESC>
* demonstrate the use of multi socket interface with boost::asio
* </DESC>
*/
/*
* file: asiohiper.cpp
* Example program to demonstrate the use of multi socket interface
* with boost::asio
*
* This program is in c++ and uses boost::asio instead of libevent/libev.
* Requires boost::asio, boost::bind and boost::system
*

14
docs/examples/cacertinmem.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,17 +19,11 @@
* KIND, either express or implied.
*
***************************************************************************/
/* Example using a "in core" PEM certificate to retrieve a https page.
* Written by Theo Borm
/* <DESC>
* CA cert in memory with OpenSSL to get a HTTPS page.
* </DESC>
*/
/* on a netBSD system with OPENSSL& LIBCURL installed from
* pkgsrc (using default paths) this program can be compiled using:
* gcc -I/usr/pkg/include -L/usr/pkg/lib -lcurl -Wl,-R/usr/pkg/lib -lssl
* -lcrypto -lz -o curlcacerttest curlcacerttest.c
* on other operating systems you may want to change paths to headers
* and libraries
*/
#include <openssl/ssl.h>
#include <curl/curl.h>
#include <stdio.h>

6
docs/examples/certinfo.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,6 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* Extract lots of TLS certificate info.
* </DESC>
*/
#include <stdio.h>
#include <curl/curl.h>

6
docs/examples/chkspeed.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,6 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* Show transfer timing info after download completes.
* </DESC>
*/
/* Example source code to show how the callback function can be used to
* download data into a chunk of memory instead of storing it in a file.
* After successful download we use curl_easy_getinfo() calls to get the

7
docs/examples/cookie_interface.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,7 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* This example shows usage of simple cookie interface. */
/* <DESC>
* Import and export cookies with COOKIELIST.
* </DESC>
*/
#include <stdio.h>
#include <string.h>

7
docs/examples/curlgtk.c
View File

@ -5,9 +5,12 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (c) 2000 David Odin (aka DindinX) for MandrakeSoft
*/
/* <DESC>
* use the libcurl in a gtk-threaded application
* </DESC>
*/
/* Copyright (c) 2000 David Odin (aka DindinX) for MandrakeSoft */
/* an attempt to use the curl library in concert with a gtk-threaded application */
#include <stdio.h>
#include <gtk/gtk.h>

5
docs/examples/curlx.c
View File

@ -9,7 +9,10 @@
certificate presented during ssl session establishment.
*/
/* <DESC>
* demonstrates use of SSL context callback, requires OpenSSL
* </DESC>
*/
/*
* Copyright (c) 2003 The OpenEvidence Project. All rights reserved.

6
docs/examples/debug.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,6 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* Show how CURLOPT_DEBUGFUNCTION can be used.
* </DESC>
*/
#include <stdio.h>
#include <curl/curl.h>

6
docs/examples/evhiperfifo.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,6 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* multi socket interface together with libev
* </DESC>
*/
/* Example application source code using the multi socket interface to
* download many files at once.
*

7
docs/examples/externalsocket.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,9 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/*
* This is an example demonstrating how an application can pass in a custom
/* <DESC>
* An example demonstrating how an application can pass in a custom
* socket to libcurl to use. This example also handles the connect itself.
* </DESC>
*/
#include <stdio.h>
#include <string.h>

6
docs/examples/fileupload.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,6 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* Upload to a file:// URL
* </DESC>
*/
#include <stdio.h>
#include <curl/curl.h>
#include <sys/stat.h>

4
docs/examples/fopen.c
View File

@ -42,6 +42,10 @@
*
* This example requires libcurl 7.9.7 or later.
*/
/* <DESC>
* implements an fopen() abstraction allowing reading from URLs
* </DESC>
*/
#include <stdio.h>
#include <string.h>

6
docs/examples/ftp-wildcard.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,6 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* FTP wildcard pattern matching
* </DESC>
*/
#include <curl/curl.h>
#include <stdio.h>

10
docs/examples/ftpget.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -23,11 +23,9 @@
#include <curl/curl.h>
/*
* This is an example showing how to get a single file from an FTP server.
* It delays the actual destination file creation until the first write
* callback so that it won't create an empty file in case the remote file
* doesn't exist or something else fails.
/* <DESC>
* Get a single file from an FTP server.
* </DESC>
*/
struct FtpFile {

8
docs/examples/ftpgetinfo.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -24,9 +24,9 @@
#include <curl/curl.h>
/*
* This is an example showing how to check a single file's size and mtime
* from an FTP server.
/* <DESC>
* Checks a single file's size and mtime from an FTP server.
* </DESC>
*/
static size_t throw_away(void *ptr, size_t size, size_t nmemb, void *data)

10
docs/examples/ftpgetresp.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -23,13 +23,11 @@
#include <curl/curl.h>
/*
* Similar to ftpget.c but this also stores the received response-lines
/* <DESC>
* Similar to ftpget.c but also stores the received response-lines
* in a separate file using our own callback!
*
* This functionality was introduced in libcurl 7.9.3.
* </DESC>
*/
static size_t
write_response(void *ptr, size_t size, size_t nmemb, void *data)
{

10
docs/examples/ftpsget.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -24,11 +24,9 @@
#include <curl/curl.h>
/*
* This is an example showing how to get a single file from an FTPS server.
* It delays the actual destination file creation until the first write
* callback so that it won't create an empty file in case the remote file
* doesn't exist or something else fails.
/* <DESC>
* Get a single file from an FTPS server.
* </DESC>
*/
struct FtpFile {

11
docs/examples/ftpupload.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -33,11 +33,10 @@
#include <unistd.h>
#endif
/*
* This example shows an FTP upload, with a rename of the file just after
* a successful upload.
*
* Example based on source code provided by Erick Nuwendam. Thanks!
/* <DESC>
* Performs an FTP upload and renames the file just after a successful
* transfer.
* </DESC>
*/
#define LOCAL_FILE "/tmp/uploadthis.txt"

12
docs/examples/ftpuploadresume.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,13 +19,9 @@
* KIND, either express or implied.
*
***************************************************************************/
/* Upload to FTP, resuming failed transfers
*
* Compile for MinGW like this:
* gcc -Wall -pedantic -std=c99 ftpuploadwithresume.c -o ftpuploadresume.exe
* -lcurl -lmsvcr70
*
* Written by Philip Bock
/* <DESC>
* Upload to FTP, resuming failed transfers.
* </DESC>
*/
#include <stdlib.h>

11
docs/examples/getinfo.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,6 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* Use getinfo to get content-type after completed transfer.
* </DESC>
*/
#include <stdio.h>
#include <curl/curl.h>
@ -27,18 +31,14 @@ int main(void)
CURL *curl;
CURLcode res;
/* http://curl.haxx.se/libcurl/c/curl_easy_init.html */
curl = curl_easy_init();
if(curl) {
/* http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTURL */
curl_easy_setopt(curl, CURLOPT_URL, "http://www.example.com/");
/* http://curl.haxx.se/libcurl/c/curl_easy_perform.html */
res = curl_easy_perform(curl);
if(CURLE_OK == res) {
char *ct;
/* ask for the content-type */
/* http://curl.haxx.se/libcurl/c/curl_easy_getinfo.html */
res = curl_easy_getinfo(curl, CURLINFO_CONTENT_TYPE, &ct);
if((CURLE_OK == res) && ct)
@ -46,7 +46,6 @@ int main(void)
}
/* always cleanup */
/* http://curl.haxx.se/libcurl/c/curl_easy_cleanup.html */
curl_easy_cleanup(curl);
}
return 0;

10
docs/examples/getinmemory.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,8 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* Example source code to show how the callback function can be used to
* download data into a chunk of memory instead of storing it in a file.
/* <DESC>
* Shows how the write callback function can be used to download data into a
* chunk of memory instead of storing it in a file.
* </DESC>
*/
#include <stdio.h>
@ -34,7 +36,6 @@ struct MemoryStruct {
size_t size;
};
static size_t
WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)
{
@ -55,7 +56,6 @@ WriteMemoryCallback(void *contents, size_t size, size_t nmemb, void *userp)
return realsize;
}
int main(void)
{
CURL *curl_handle;

6
docs/examples/ghiper.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,6 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* multi socket API usage together with with glib2
* </DESC>
*/
/* Example application source code using the multi socket interface to
* download many files at once.
*

6
docs/examples/hiperfifo.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,6 +19,10 @@
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* multi socket API usage with libevent 2
* </DESC>
*/
/* Example application source code using the multi socket interface to
download many files at once.

14
docs/examples/href_extractor.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 2012 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -20,13 +20,13 @@
*
***************************************************************************/
/* <DESC>
* Uses the "Streaming HTML parser" to extract the href pieces in a streaming
* manner from a downloaded HTML.
* </DESC>
*/
/*
* This example uses the "Streaming HTML parser" to extract the href pieces in
* a streaming manner from a downloaded HTML. Kindly donated by Michał
* Kowalczyk.
*
* The parser is found at
* http://code.google.com/p/htmlstreamparser/
* The HTML parser is found at http://code.google.com/p/htmlstreamparser/
*/
#include <stdio.h>

13
docs/examples/htmltidy.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -19,13 +19,12 @@
* KIND, either express or implied.
*
***************************************************************************/
/* Download a document and use libtidy to parse the HTML.
* Written by Jeff Pohlmeyer
*
/* <DESC>
* Download a document and use libtidy to parse the HTML.
* </DESC>
*/
/*
* LibTidy => http://tidy.sourceforge.net
*
* gcc -Wall -I/usr/local/include tidycurl.c -lcurl -ltidy -o tidycurl
*
*/
#include <stdio.h>

7
docs/libcurl/curl_easy_cleanup.3
View File

@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@ -63,5 +63,6 @@ if(curl) {
}
.fi
.SH "SEE ALSO"
.BR curl_easy_init "(3), "
.BR curl_easy_init "(3), " curl_easy_duphandle "(3), "
.BR curl_easy_reset "(3), "
.BR curl_multi_cleanup "(3), " curl_multi_remove_handle "(3) "

6
docs/libcurl/curl_easy_duphandle.3
View File

@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@ -47,4 +47,6 @@ in a synchronous way, the input handle may not be in use when cloned.
If this function returns NULL, something went wrong and no valid handle was
returned.
.SH "SEE ALSO"
.BR curl_easy_init "(3)," curl_easy_cleanup "(3)," curl_global_init "(3)"
.BR curl_easy_init "(3)," curl_easy_cleanup "(3)," curl_easy_reset "(3),"
.BR curl_global_init "(3)"

4
docs/libcurl/curl_easy_setopt.3
View File

@ -50,6 +50,8 @@ really \fICURLOPT_POSTFIELDS(3)\fP, but the alternative that copies the string
\fICURLOPT_COPYPOSTFIELDS(3)\fP has some usage characteristics you need to
read up on.
The order in which the options are set does not matter.
Before version 7.17.0, strings were not copied. Instead the user was forced
keep them available until libcurl no longer needed them.
@ -291,6 +293,8 @@ Disable Content decoding. See \fICURLOPT_HTTP_CONTENT_DECODING(3)\fP
Disable Transfer decoding. See \fICURLOPT_HTTP_TRANSFER_DECODING(3)\fP
.IP CURLOPT_EXPECT_100_TIMEOUT_MS
100-continue timeout. See \fICURLOPT_EXPECT_100_TIMEOUT_MS(3)\fP
.IP CURLOPT_PIPEWAIT
Wait on connection to pipeline on it. See \fICURLOPT_PIPEWAIT(3)\fP
.SH SMTP OPTIONS
.IP CURLOPT_MAIL_FROM
Address of the sender. See \fICURLOPT_MAIL_FROM(3)\fP

3
docs/libcurl/curl_multi_info_read.3
View File

@ -69,6 +69,7 @@ that just completed.
At this point, there are no other \fBmsg\fP types defined.
.SH EXAMPLE
.nf
struct CURLMsg *m;
/* call curl_multi_perform or curl_multi_socket_action first, then loop
@ -84,7 +85,7 @@ do {
curl_easy_cleanup(e);
}
} while(m);
.fi
.SH "RETURN VALUE"
A pointer to a filled-in struct, or NULL if it failed or ran out of
structs. It also writes the number of messages left in the queue (after this

4
docs/libcurl/libcurl-errors.3
View File

@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@ -74,7 +74,7 @@ After having sent the FTP password to the server, libcurl expects a proper
reply. This error code indicates that an unexpected code was returned.
.IP "CURLE_FTP_ACCEPT_TIMEOUT (12)"
During an active FTP session while waiting for the server to connect, the
\fICURLOPT_ACCEPTTIMOUT_MS(3)\fP (or the internal default) timeout expired.
\fICURLOPT_ACCEPTTIMEOUT_MS(3)\fP (or the internal default) timeout expired.
.IP "CURLE_FTP_WEIRD_PASV_REPLY (13)"
libcurl failed to get a sensible result back from the server as a response to
either a PASV or a EPSV command. The server is flawed.

2
docs/libcurl/libcurl-multi.3
View File

@ -136,7 +136,7 @@ normal multi interface. Then you also set two callbacks with the
CURLMOPT_SOCKETFUNCTION and CURLMOPT_TIMERFUNCTION options to
\fIcurl_multi_setopt(3)\fP. They are two callback functions that libcurl will
call with information about what sockets to wait for, and for what activity,
and what the curret timeout time is - if that expires libcurl should be
and what the current timeout time is - if that expires libcurl should be
notified.
The multi_socket API is designed to inform your application about which

26
docs/libcurl/opts/CURLOPT_ERRORBUFFER.3
View File

@ -51,15 +51,33 @@ All
.nf
curl = curl_easy_init();
if(curl) {
char error[CURL_ERROR_SIZE]
CURLcode res;
char errbuf[CURL_ERROR_SIZE];
curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
/* provide a buffer to store errors in */
curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, error);
curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errbuf);
/* Perform the request */
curl_easy_perform(curl);
/* set the error buffer as empty before performing a request */
errbuf[0] = 0;
/* perform the request */
res = curl_easy_perform(curl);
/* if the request did not complete correctly, show the error
information. if no detailed error information was written to errbuf
show the more generic information from curl_easy_strerror instead.
*/
if(res != CURLE_OK) {
size_t len = strlen(errbuf);
fprintf(stderr, "\\nlibcurl: (%d) ", res);
if(len)
fprintf(stderr, "%s%s", errbuf,
((errbuf[len - 1] != '\\n') ? "\\n" : ""));
else
fprintf(stderr, "%s\\n", curl_easy_strerror(res));
}
}
.fi
.SH AVAILABILITY

6
include/curl/curlver.h
View File

@ -30,12 +30,12 @@
/* This is the version number of the libcurl package from which this header
file origins: */
#define LIBCURL_VERSION "7.43.0-DEV"
#define LIBCURL_VERSION "7.44.0-DEV"
/* The numeric version number is also available "in parts" by using these
defines: */
#define LIBCURL_VERSION_MAJOR 7
#define LIBCURL_VERSION_MINOR 43
#define LIBCURL_VERSION_MINOR 44
#define LIBCURL_VERSION_PATCH 0
/* This is the numeric version of the libcurl version number, meant for easier
@ -57,7 +57,7 @@
CURL_VERSION_BITS() macro since curl's own configure script greps for it
and needs it to contain the full number.
*/
#define LIBCURL_VERSION_NUM 0x072B00
#define LIBCURL_VERSION_NUM 0x072C00
/*
* This is the date and time when the full source package was created. The

5
lib/Makefile.am
View File

@ -21,9 +21,6 @@
###########################################################################
AUTOMAKE_OPTIONS = foreign nostdinc
DOCS = README.encoding README.memoryleak README.ares README.curlx \
README.hostip README.multi_socket README.httpauth README.curl_off_t
CMAKE_DIST = CMakeLists.txt curl_config.h.cmake
EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 config-win32.h \
@ -31,7 +28,7 @@ EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 config-win32.h \
makefile.dj config-dos.h libcurl.plist libcurl.rc config-amigaos.h \
makefile.amiga Makefile.netware nwlib.c nwos.c config-win32ce.h \
config-os400.h setup-os400.h config-symbian.h Makefile.Watcom \
config-tpf.h $(DOCS) mk-ca-bundle.pl mk-ca-bundle.vbs $(CMAKE_DIST) \
config-tpf.h mk-ca-bundle.pl mk-ca-bundle.vbs $(CMAKE_DIST) \
firefox-db2pem.sh config-vxworks.h Makefile.vxworks checksrc.pl \
objnames-test08.sh objnames-test10.sh objnames.inc checksrc.whitelist

2
lib/Makefile.m32
View File

@ -58,7 +58,7 @@ CC = $(CROSSPREFIX)gcc
CFLAGS = $(CURL_CFLAG_EXTRAS) -g -O2 -Wall
CFLAGS += -fno-strict-aliasing
# comment LDFLAGS below to keep debug info
LDFLAGS = -s
LDFLAGS = $(CURL_LDFLAG_EXTRAS) -s
AR = $(CROSSPREFIX)ar
RANLIB = $(CROSSPREFIX)ranlib
RC = $(CROSSPREFIX)windres

69
lib/README.ares
View File

@ -1,69 +0,0 @@
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
How To Build libcurl to Use c-ares For Asynch Name Resolves
===========================================================
c-ares:
http://c-ares.haxx.se/
NOTE
The latest libcurl version requires c-ares 1.6.0 or later.
Once upon the time libcurl built fine with the "original" ares. That is no
longer true. You need to use c-ares.
Build c-ares
============
1. unpack the c-ares archive
2. cd c-ares-dir
3. ./configure
4. make
5. make install
Build libcurl to use c-ares in the curl source tree
===================================================
1. name or symlink the c-ares source directory 'ares' in the curl source
directory
2. ./configure --enable-ares
Optionally, you can point out the c-ares install tree root with the the
--enable-ares option.
3. make
Build libcurl to use an installed c-ares
========================================
1. ./configure --enable-ares=/path/to/ares/install
2. make
c-ares on win32
===============
(description brought by Dominick Meglio)
First I compiled c-ares. I changed the default C runtime library to be the
single-threaded rather than the multi-threaded (this seems to be required to
prevent linking errors later on). Then I simply build the areslib project (the
other projects adig/ahost seem to fail under MSVC).
Next was libcurl. I opened lib/config-win32.h and I added a:
#define USE_ARES 1
Next thing I did was I added the path for the ares includes to the include
path, and the libares.lib to the libraries.
Lastly, I also changed libcurl to be single-threaded rather than
multi-threaded, again this was to prevent some duplicate symbol errors. I'm
not sure why I needed to change everything to single-threaded, but when I
didn't I got redefinition errors for several CRT functions (malloc, stricmp,
etc.)
I would have modified the MSVC++ project files, but I only have VC.NET and it
uses a different format than VC6.0 so I didn't want to go and change
everything and remove VC6.0 support from libcurl.

68
lib/README.curl_off_t
View File

@ -1,68 +0,0 @@
curl_off_t explained
====================
curl_off_t is a data type provided by the external libcurl include headers. It
is the type meant to be used for the curl_easy_setopt() options that end with
LARGE. The type is 64bit large on most modern platforms.
Transition from < 7.19.0 to >= 7.19.0
-------------------------------------
Applications that used libcurl before 7.19.0 that are rebuilt with a libcurl
that is 7.19.0 or later may or may not have to worry about anything of
this. We have made a significant effort to make the transition really seamless
and transparent.
You have have to take notice if you are in one of the following situations:
o Your app is using or will after the transition use a libcurl that is built
with LFS (large file support) disabled even though your system otherwise
supports it.
o Your app is using or will after the transition use a libcurl that doesn't
support LFS at all, but your system and compiler support 64bit data types.
In both these cases, the curl_off_t type will now (after the transition) be
64bit where it previously was 32bit. This will cause a binary incompatibility
that you MAY need to deal with.
Benefits
--------
This new way has several benefits:
o Platforms without LFS support can still use libcurl to do >32 bit file
transfers and range operations etc as long as they have >32 bit data-types
supported.
o Applications will no longer easily build with the curl_off_t size
mismatched, which has been a very frequent (and annoying) problem with
libcurl <= 7.18.2
Historically
------------
Previously, before 7.19.0, the curl_off_t type would be rather strongly
connected to the size of the system off_t type, where currently curl_off_t is
independent of that.
The strong connection to off_t made it troublesome for application authors
since when they did mistakes, they could get curl_off_t type of different
sizes in the app vs libcurl, and that caused strange effects that were hard to
track and detect by users of libcurl.
SONAME
------
We opted to not bump the soname for the library unconditionally, simply
because soname bumping is causing a lot of grief and moaning all over the
community so we try to keep that at minimum. Also, our selected design path
should be 100% backwards compatible for the vast majority of all libcurl
users.
Enforce SONAME bump
-------------------
If configure doesn't detect your case where a bump is necessary, re-run it
with the --enable-soname-bump command line option!

61
lib/README.curlx
View File

@ -1,61 +0,0 @@
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
Source Code Functions Apps Might Use
====================================
The libcurl source code offers a few functions by source only. They are not
part of the official libcurl API, but the source files might be useful for
others so apps can optionally compile/build with these sources to gain
additional functions.
We provide them through a single header file for easy access for apps:
"curlx.h"
curlx_strtoofft()
A macro that converts a string containing a number to a curl_off_t number.
This might use the curlx_strtoll() function which is provided as source
code in strtoofft.c. Note that the function is only provided if no
strtoll() (or equivalent) function exist on your platform. If curl_off_t
is only a 32 bit number on your platform, this macro uses strtol().
curlx_tvnow()
returns a struct timeval for the current time.
curlx_tvdiff()
returns the difference between two timeval structs, in number of
milliseconds.
curlx_tvdiff_secs()
returns the same as curlx_tvdiff but with full usec resolution (as a
double)
FUTURE
======
Several functions will be removed from the public curl_ name space in a
future libcurl release. They will then only become available as curlx_
functions instead. To make the transition easier, we already today provide
these functions with the curlx_ prefix to allow sources to get built properly
with the new function names. The functions this concerns are:
curlx_getenv
curlx_strequal
curlx_strnequal
curlx_mvsnprintf
curlx_msnprintf
curlx_maprintf
curlx_mvaprintf
curlx_msprintf
curlx_mprintf
curlx_mfprintf
curlx_mvsprintf
curlx_mvprintf
curlx_mvfprintf

60
lib/README.encoding
View File

@ -1,60 +0,0 @@
Content Encoding Support for libcurl
* About content encodings:
HTTP/1.1 [RFC 2616] specifies that a client may request that a server encode
its response. This is usually used to compress a response using one of a set
of commonly available compression techniques. These schemes are `deflate' (the
zlib algorithm), `gzip' and `compress' [sec 3.5, RFC 2616]. A client requests
that the sever perform an encoding by including an Accept-Encoding header in
the request document. The value of the header should be one of the recognized
tokens `deflate', ... (there's a way to register new schemes/tokens, see sec
3.5 of the spec). A server MAY honor the client's encoding request. When a
response is encoded, the server includes a Content-Encoding header in the
response. The value of the Content-Encoding header indicates which scheme was
used to encode the data.
A client may tell a server that it can understand several different encoding
schemes. In this case the server may choose any one of those and use it to
encode the response (indicating which one using the Content-Encoding header).
It's also possible for a client to attach priorities to different schemes so
that the server knows which it prefers. See sec 14.3 of RFC 2616 for more
information on the Accept-Encoding header.
* Current support for content encoding:
Support for the 'deflate' and 'gzip' content encoding are supported by
libcurl. Both regular and chunked transfers should work fine. The library
zlib is required for this feature. 'deflate' support was added by James
Gallagher, and support for the 'gzip' encoding was added by Dan Fandrich.
* The libcurl interface:
To cause libcurl to request a content encoding use:
curl_easy_setopt(curl, CURLOPT_ACCEPT_ENCODING, <string>)
where <string> is the intended value of the Accept-Encoding header.
Currently, libcurl only understands how to process responses that use the
"deflate" or "gzip" Content-Encoding, so the only values for
CURLOPT_ACCEPT_ENCODING that will work (besides "identity," which does
nothing) are "deflate" and "gzip" If a response is encoded using the
"compress" or methods, libcurl will return an error indicating that the
response could not be decoded. If <string> is NULL no Accept-Encoding header
is generated. If <string> is a zero-length string, then an Accept-Encoding
header containing all supported encodings will be generated.
The CURLOPT_ACCEPT_ENCODING must be set to any non-NULL value for content to
be automatically decoded. If it is not set and the server still sends encoded
content (despite not having been asked), the data is returned in its raw form
and the Content-Encoding type is not checked.
* The curl interface:
Use the --compressed option with curl to cause it to ask servers to compress
responses using any format supported by curl.
James Gallagher <jgallagher@gso.uri.edu>
Dan Fandrich <dan@coneharvesters.com>

35
lib/README.hostip
View File

@ -1,35 +0,0 @@
hostip.c explained
==================
The main COMPILE-TIME DEFINES to keep in mind when reading the host*.c
source file are these:
CURLRES_IPV6 - this host has getaddrinfo() and family, and thus we use
that. The host may not be able to resolve IPv6, but we don't really have to
take that into account. Hosts that aren't IPv6-enabled have CURLRES_IPV4
defined.
CURLRES_ARES - is defined if libcurl is built to use c-ares for asynchronous
name resolves. This can be Windows or *nix.
CURLRES_THREADED - is defined if libcurl is built to use threading for
asynchronous name resolves. The name resolve will be done in a new thread,
and the supported asynch API will be the same as for ares-builds. This is
the default under (native) Windows.
If any of the two previous are defined, CURLRES_ASYNCH is defined too. If
libcurl is not built to use an asynchronous resolver, CURLRES_SYNCH is
defined.
The host*.c sources files are split up like this:
hostip.c - method-independent resolver functions and utility functions
hostasyn.c - functions for asynchronous name resolves
hostsyn.c - functions for synchronous name resolves
asyn-ares.c - functions for asynchronous name resolves using c-ares
asyn-thread.c - functions for asynchronous name resolves using threads
hostip4.c - IPv4 specific functions
hostip6.c - IPv6 specific functions
The hostip.h is the single united header file for all this. It defines the
CURLRES_* defines based on the config*.h and curl_setup.h defines.

74
lib/README.httpauth
View File

@ -1,74 +0,0 @@
1. PUT/POST without a known auth to use (possibly no auth required):
(When explicitly set to use a multi-pass auth when doing a POST/PUT,
libcurl should immediately go the Content-Length: 0 bytes route to avoid
the first send all data phase, step 2. If told to use a single-pass auth,
goto step 3.)
Issue the proper PUT/POST request immediately, with the correct
Content-Length and Expect: headers.
If a 100 response is received or the wait for one times out, start sending
the request-body.
If a 401 (or 407 when talking through a proxy) is received, then:
If we have "more than just a little" data left to send, close the
connection. Exactly what "more than just a little" means will have to be
determined. Possibly the current transfer speed should be taken into
account as well.
NOTE: if the size of the POST data is less than MAX_INITIAL_POST_SIZE (when
CURLOPT_POSTFIELDS is used), libcurl will send everything in one single
write() (all request-headers and request-body) and thus it will
unconditionally send the full post data here.
2. PUT/POST with multi-pass auth but not yet completely negotiated:
Send a PUT/POST request, we know that it will be rejected and thus we claim
Content-Length zero to avoid having to send the request-body. (This seems
to be what IE does.)
3. PUT/POST as the last step in the auth negotiation, that is when we have
what we believe is a completed negotiation:
Send a full and proper PUT/POST request (again) with the proper
Content-Length and a following request-body.
NOTE: this may very well be the second (or even third) time the whole or at
least parts of the request body is sent to the server. Since the data may
be provided to libcurl with a callback, we need a way to tell the app that
the upload is to be restarted so that the callback will provide data from
the start again. This requires an API method/mechanism that libcurl
doesn't have today. See below.
Data Rewind
It will be troublesome for some apps to deal with a rewind like this in all
circumstances. I'm thinking for example when using 'curl' to upload data
from stdin. If libcurl ends up having to rewind the reading for a request
to succeed, of course a lack of this callback or if it returns failure, will
cause the request to fail completely.
The new callback is set with CURLOPT_IOCTLFUNCTION (in an attempt to add a
more generic function that might be used for other IO-related controls in
the future):
curlioerr curl_ioctl(CURL *handle, curliocmd cmd, void *clientp);
And in the case where the read is to be rewinded, it would be called with a
cmd named CURLIOCMD_RESTARTREAD. The callback would then return CURLIOE_OK,
if things are fine, or CURLIOE_FAILRESTART if not.
Backwards Compatibility
The approach used until now, that issues a HEAD on the given URL to trigger
the auth negotiation could still be supported and encouraged, but it would
be up to the app to first fetch a URL with GET/HEAD to negotiate on, since
then a following PUT/POST wouldn't need to negotiate authentication and
thus avoid double-sending data.
Optionally, we keep the current approach if some option is set
(CURLOPT_HEADBEFOREAUTH or similar), since it seems to work fairly well for
POST on most servers.

55
lib/README.memoryleak
View File

@ -1,55 +0,0 @@
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
How To Track Down Suspected Memory Leaks in libcurl
===================================================
Single-threaded
Please note that this memory leak system is not adjusted to work in more
than one thread. If you want/need to use it in a multi-threaded app. Please
adjust accordingly.
Build
Rebuild libcurl with -DCURLDEBUG (usually, rerunning configure with
--enable-debug fixes this). 'make clean' first, then 'make' so that all
files actually are rebuilt properly. It will also make sense to build
libcurl with the debug option (usually -g to the compiler) so that debugging
it will be easier if you actually do find a leak in the library.
This will create a library that has memory debugging enabled.
Modify Your Application
Add a line in your application code:
curl_memdebug("dump");
This will make the malloc debug system output a full trace of all resource
using functions to the given file name. Make sure you rebuild your program
and that you link with the same libcurl you built for this purpose as
described above.
Run Your Application
Run your program as usual. Watch the specified memory trace file grow.
Make your program exit and use the proper libcurl cleanup functions etc. So
that all non-leaks are returned/freed properly.
Analyze the Flow
Use the tests/memanalyze.pl perl script to analyze the dump file:
tests/memanalyze.pl dump
This now outputs a report on what resources that were allocated but never
freed etc. This report is very fine for posting to the list!
If this doesn't produce any output, no leak was detected in libcurl. Then
the leak is mostly likely to be in your code.

53
lib/README.multi_socket
View File

@ -1,53 +0,0 @@
Implementation of the curl_multi_socket API
The main ideas of the new API are simply:
1 - The application can use whatever event system it likes as it gets info
from libcurl about what file descriptors libcurl waits for what action
on. (The previous API returns fd_sets which is very select()-centric).
2 - When the application discovers action on a single socket, it calls
libcurl and informs that there was action on this particular socket and
libcurl can then act on that socket/transfer only and not care about
any other transfers. (The previous API always had to scan through all
the existing transfers.)
The idea is that curl_multi_socket_action() calls a given callback with
information about what socket to wait for what action on, and the callback
only gets called if the status of that socket has changed.
We also added a timer callback that makes libcurl call the application when
the timeout value changes, and you set that with curl_multi_setopt() and the
CURLMOPT_TIMERFUNCTION option. To get this to work, Internally, there's an
added a struct to each easy handle in which we store an "expire time" (if
any). The structs are then "splay sorted" so that we can add and remove
times from the linked list and yet somewhat swiftly figure out both how long
time there is until the next nearest timer expires and which timer (handle)
we should take care of now. Of course, the upside of all this is that we get
a curl_multi_timeout() that should also work with old-style applications
that use curl_multi_perform().
We created an internal "socket to easy handles" hash table that given
a socket (file descriptor) return the easy handle that waits for action on
that socket. This hash is made using the already existing hash code
(previously only used for the DNS cache).
To make libcurl able to report plain sockets in the socket callback, we had
to re-organize the internals of the curl_multi_fdset() etc so that the
conversion from sockets to fd_sets for that function is only done in the
last step before the data is returned. I also had to extend c-ares to get a
function that can return plain sockets, as that library too returned only
fd_sets and that is no longer good enough. The changes done to c-ares are
available in c-ares 1.3.1 and later.
We have done a test runs with up to 9000 connections (with a single active
one). The curl_multi_socket_action() invoke then takes less than 10
microseconds in average (using the read-only-1-byte-at-a-time hack). We are
now below the 60 microseconds "per socket action" goal (the extra 50 is the
time libevent needs).
Documentation
http://curl.haxx.se/libcurl/c/curl_multi_socket_action.html
http://curl.haxx.se/libcurl/c/curl_multi_timeout.html
http://curl.haxx.se/libcurl/c/curl_multi_setopt.html

9
lib/cookie.c
View File

@ -1274,9 +1274,8 @@ static int cookie_output(struct CookieInfo *c, const char *dumphere)
"# http://curl.haxx.se/docs/http-cookies.html\n"
"# This file was generated by libcurl! Edit at your own risk.\n\n",
out);
co = c->cookies;
while(co) {
for(co = c->cookies; co; co = co->next) {
if(!co->domain)
continue;
format_ptr = get_netscape_format(co);
@ -1288,7 +1287,6 @@ static int cookie_output(struct CookieInfo *c, const char *dumphere)
}
fprintf(out, "%s\n", format_ptr);
free(format_ptr);
co=co->next;
}
}
@ -1309,9 +1307,7 @@ struct curl_slist *Curl_cookie_list(struct SessionHandle *data)
(data->cookies->numcookies == 0))
return NULL;
c = data->cookies->cookies;
while(c) {
for(c = data->cookies->cookies; c; c = c->next) {
if(!c->domain)
continue;
line = get_netscape_format(c);
@ -1326,7 +1322,6 @@ struct curl_slist *Curl_cookie_list(struct SessionHandle *data)
return NULL;
}
list = beg;
c = c->next;
}
return list;

4
lib/ftp.c
View File

@ -1887,7 +1887,7 @@ static CURLcode proxy_magic(struct connectdata *conn,
memset(&http_proxy, 0, sizeof(http_proxy));
data->req.protop = &http_proxy;
result = Curl_proxyCONNECT(conn, SECONDARYSOCKET, newhost, newport);
result = Curl_proxyCONNECT(conn, SECONDARYSOCKET, newhost, newport, TRUE);
data->req.protop = ftp_save;
@ -3645,7 +3645,7 @@ static CURLcode ftp_do_more(struct connectdata *conn, int *completep)
if(conn->tunnel_state[SECONDARYSOCKET] == TUNNEL_CONNECT) {
/* As we're in TUNNEL_CONNECT state now, we know the proxy name and port
aren't used so we blank their arguments. TODO: make this nicer */
result = Curl_proxyCONNECT(conn, SECONDARYSOCKET, NULL, 0);
result = Curl_proxyCONNECT(conn, SECONDARYSOCKET, NULL, 0, FALSE);
return result;
}

26
lib/http.c
View File

@ -427,8 +427,8 @@ static CURLcode http_perhapsrewind(struct connectdata *conn)
/* figure out how much data we are expected to send */
switch(data->set.httpreq) {
case HTTPREQ_POST:
if(data->set.postfieldsize != -1)
expectsend = data->set.postfieldsize;
if(data->state.infilesize != -1)
expectsend = data->state.infilesize;
else if(data->set.postfields)
expectsend = (curl_off_t)strlen(data->set.postfields);
break;
@ -2317,20 +2317,12 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
te
);
/*
* Free userpwd for Negotiate/NTLM. Cannot reuse as it is associated with
* the connection and shouldn't be repeated over it either.
*/
switch (data->state.authhost.picked) {
case CURLAUTH_NEGOTIATE:
case CURLAUTH_NTLM:
case CURLAUTH_NTLM_WB:
Curl_safefree(conn->allocptr.userpwd);
break;
}
/* clear userpwd to avoid re-using credentials from re-used connections */
Curl_safefree(conn->allocptr.userpwd);
/*
* Same for proxyuserpwd
* Free proxyuserpwd for Negotiate/NTLM. Cannot reuse as it is associated
* with the connection and shouldn't be repeated over it either.
*/
switch (data->state.authproxy.picked) {
case CURLAUTH_NEGOTIATE:
@ -2577,8 +2569,8 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
postsize = 0;
else {
/* figure out the size of the postfields */
postsize = (data->set.postfieldsize != -1)?
data->set.postfieldsize:
postsize = (data->state.infilesize != -1)?
data->state.infilesize:
(data->set.postfields? (curl_off_t)strlen(data->set.postfields):-1);
}
@ -2701,7 +2693,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
return result;
}
else if(data->set.postfieldsize) {
else if(data->state.infilesize) {
/* set the upload size to the progress meter */
Curl_pgrsSetUploadSize(data, postsize?postsize:-1);

22
lib/http_proxy.c
View File

@ -68,7 +68,7 @@ CURLcode Curl_proxy_connect(struct connectdata *conn)
conn->data->req.protop = &http_proxy;
connkeep(conn, "HTTP proxy CONNECT");
result = Curl_proxyCONNECT(conn, FIRSTSOCKET,
conn->host.name, conn->remote_port);
conn->host.name, conn->remote_port, FALSE);
conn->data->req.protop = prot_save;
if(CURLE_OK != result)
return result;
@ -85,12 +85,16 @@ CURLcode Curl_proxy_connect(struct connectdata *conn)
* Curl_proxyCONNECT() requires that we're connected to a HTTP proxy. This
* function will issue the necessary commands to get a seamless tunnel through
* this proxy. After that, the socket can be used just as a normal socket.
*
* 'blocking' set to TRUE means that this function will do the entire CONNECT
* + response in a blocking fashion. Should be avoided!
*/
CURLcode Curl_proxyCONNECT(struct connectdata *conn,
int sockindex,
const char *hostname,
int remote_port)
int remote_port,
bool blocking)
{
int subversion=0;
struct SessionHandle *data=conn->data;
@ -225,12 +229,14 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
return CURLE_RECV_ERROR;
}
if(0 == Curl_socket_ready(tunnelsocket, CURL_SOCKET_BAD, 0))
/* return so we'll be called again polling-style */
return CURLE_OK;
else {
DEBUGF(infof(data,
"Read response immediately from proxy CONNECT\n"));
if(!blocking) {
if(0 == Curl_socket_ready(tunnelsocket, CURL_SOCKET_BAD, 0))
/* return so we'll be called again polling-style */
return CURLE_OK;
else {
DEBUGF(infof(data,
"Read response immediately from proxy CONNECT\n"));
}
}
/* at this point, the tunnel_connecting phase is over. */

7
lib/http_proxy.h
View File

@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@ -26,7 +26,8 @@
/* ftp can use this as well */
CURLcode Curl_proxyCONNECT(struct connectdata *conn,
int tunnelsocket,
const char *hostname, int remote_port);
const char *hostname, int remote_port,
bool blocking);
/* Default proxy timeout in milliseconds */
#define PROXY_TIMEOUT (3600*1000)
@ -34,7 +35,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
CURLcode Curl_proxy_connect(struct connectdata *conn);
#else
#define Curl_proxyCONNECT(x,y,z,w) CURLE_NOT_BUILT_IN
#define Curl_proxyCONNECT(x,y,z,w,v) CURLE_NOT_BUILT_IN
#define Curl_proxy_connect(x) CURLE_OK
#endif

8
lib/multi.c
View File

@ -400,7 +400,10 @@ CURLMcode curl_multi_add_handle(CURLM *multi_handle,
/* Point to the multi's connection cache */
data->state.conn_cache = &multi->conn_cache;
data->state.infilesize = data->set.filesize;
if(data->set.httpreq == HTTPREQ_PUT)
data->state.infilesize = data->set.filesize;
else
data->state.infilesize = data->set.postfieldsize;
/* This adds the new entry at the 'end' of the doubly-linked circular
list of SessionHandle structs to try and maintain a FIFO queue so
@ -1529,9 +1532,6 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
break;
}
DEBUGF(infof(data, "multi_runsingle:%d call Curl_readwrite\n",
__LINE__));
/* read/write data if it is ready to do so */
result = Curl_readwrite(data->easy_conn, data, &done);

9
lib/rtsp.c
View File

@ -322,7 +322,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
if(!p_session_id &&
(rtspreq & ~(RTSPREQ_OPTIONS | RTSPREQ_DESCRIBE | RTSPREQ_SETUP))) {
failf(data, "Refusing to issue an RTSP request [%s] without a session ID.",
p_request ? p_request : "");
p_request);
return CURLE_BAD_FUNCTION_ARGUMENT;
}
@ -440,8 +440,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
Curl_add_bufferf(req_buffer,
"%s %s RTSP/1.0\r\n" /* Request Stream-URI RTSP/1.0 */
"CSeq: %ld\r\n", /* CSeq */
(p_request ? p_request : ""), p_stream_uri,
rtsp->CSeq_sent);
p_request, p_stream_uri, rtsp->CSeq_sent);
if(result)
return result;
@ -495,8 +494,8 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done)
}
else {
postsize = (data->set.postfieldsize != -1)?
data->set.postfieldsize:
postsize = (data->state.infilesize != -1)?
data->state.infilesize:
(data->set.postfields? (curl_off_t)strlen(data->set.postfields):0);
data->set.httpreq = HTTPREQ_POST;
}

91
lib/security.c
View File

@ -480,56 +480,54 @@ static CURLcode choose_mech(struct connectdata *conn)
void *tmp_allocation;
const struct Curl_sec_client_mech *mech = &Curl_krb5_client_mech;
do {
tmp_allocation = realloc(conn->app_data, mech->size);
if(tmp_allocation == NULL) {
failf(data, "Failed realloc of size %u", mech->size);
mech = NULL;
return CURLE_OUT_OF_MEMORY;
}
conn->app_data = tmp_allocation;
tmp_allocation = realloc(conn->app_data, mech->size);
if(tmp_allocation == NULL) {
failf(data, "Failed realloc of size %u", mech->size);
mech = NULL;
return CURLE_OUT_OF_MEMORY;
}
conn->app_data = tmp_allocation;
if(mech->init) {
ret = mech->init(conn->app_data);
if(ret) {
infof(data, "Failed initialization for %s. Skipping it.\n",
mech->name);
continue;
if(mech->init) {
ret = mech->init(conn->app_data);
if(ret) {
infof(data, "Failed initialization for %s. Skipping it.\n",
mech->name);
return CURLE_FAILED_INIT;
}
}
infof(data, "Trying mechanism %s...\n", mech->name);
ret = ftp_send_command(conn, "AUTH %s", mech->name);
if(ret < 0)
/* FIXME: This error is too generic but it is OK for now. */
return CURLE_COULDNT_CONNECT;
if(ret/100 != 3) {
switch(ret) {
case 504:
infof(data, "Mechanism %s is not supported by the server (server "
"returned ftp code: 504).\n", mech->name);
break;
case 534:
infof(data, "Mechanism %s was rejected by the server (server returned "
"ftp code: 534).\n", mech->name);
break;
default:
if(ret/100 == 5) {
infof(data, "server does not support the security extensions\n");
return CURLE_USE_SSL_FAILED;
}
break;
}
return CURLE_LOGIN_DENIED;
}
infof(data, "Trying mechanism %s...\n", mech->name);
ret = ftp_send_command(conn, "AUTH %s", mech->name);
if(ret < 0)
/* FIXME: This error is too generic but it is OK for now. */
return CURLE_COULDNT_CONNECT;
/* Authenticate */
ret = mech->auth(conn->app_data, conn);
if(ret/100 != 3) {
switch(ret) {
case 504:
infof(data, "Mechanism %s is not supported by the server (server "
"returned ftp code: 504).\n", mech->name);
break;
case 534:
infof(data, "Mechanism %s was rejected by the server (server returned "
"ftp code: 534).\n", mech->name);
break;
default:
if(ret/100 == 5) {
infof(data, "server does not support the security extensions\n");
return CURLE_USE_SSL_FAILED;
}
break;
}
continue;
}
/* Authenticate */
ret = mech->auth(conn->app_data, conn);
if(ret == AUTH_CONTINUE)
continue;
else if(ret != AUTH_OK) {
if(ret != AUTH_CONTINUE) {
if(ret != AUTH_OK) {
/* Mechanism has dumped the error to stderr, don't error here. */
return -1;
}
@ -545,8 +543,7 @@ static CURLcode choose_mech(struct connectdata *conn)
/* Set the requested protection level */
/* BLOCKING */
(void)sec_set_protection_level(conn);
} WHILE_FALSE;
}
return CURLE_OK;
}

12
lib/smb.c
View File

@ -783,9 +783,15 @@ static CURLcode smb_request_state(struct connectdata *conn, bool *done)
off = Curl_read16_le(((unsigned char *) msg) +
sizeof(struct smb_header) + 13);
if(len > 0) {
result = Curl_client_write(conn, CLIENTWRITE_BODY,
(char *)msg + off + sizeof(unsigned int),
len);
struct smb_conn *smbc = &conn->proto.smbc;
if(off + sizeof(unsigned int) + len > smbc->got) {
failf(conn->data, "Invalid input packet");
result = CURLE_RECV_ERROR;
}
else
result = Curl_client_write(conn, CLIENTWRITE_BODY,
(char *)msg + off + sizeof(unsigned int),
len);
if(result) {
req->result = result;
next_state = SMB_CLOSE;

3
lib/transfer.c
View File

@ -1053,9 +1053,6 @@ CURLcode Curl_readwrite(struct connectdata *conn,
return CURLE_SEND_ERROR;
}
DEBUGF(infof(data, "Curl_readwrite: keepon: %x select_res %x\n", k->keepon,
select_res));
/* We go ahead and do a read if we have a readable socket or if
the stream was rewound (in which case we have data in a
buffer) */

3
lib/urldata.h
View File

@ -324,6 +324,9 @@ struct ssl_connect_data {
size_t encdata_offset, decdata_offset;
unsigned char *encdata_buffer, *decdata_buffer;
unsigned long req_flags, ret_flags;
CURLcode recv_unrecoverable_err; /* schannel_recv had an unrecoverable err */
bool recv_sspi_close_notify; /* true if connection closed by close_notify */
bool recv_connection_closed; /* true if connection closed, regardless how */
#endif /* USE_SCHANNEL */
#ifdef USE_DARWINSSL
SSLContextRef ssl_ctx;

21
lib/vtls/openssl.c
View File

@ -136,6 +136,11 @@
#define CONF_modules_load_file(a,b,c)
#endif
#ifdef OPENSSL_IS_BORINGSSL
/* not present in BoringSSL */
#define OPENSSL_load_builtin_modules(x)
#endif
/*
* Number of bytes to read from the random number seed file. This must be
* a finite value (because some entropy "files" like /dev/urandom have
@ -1427,8 +1432,10 @@ static const char *ssl_msg_type(int ssl_ver, int msg)
return "Client hello";
case SSL3_MT_SERVER_HELLO:
return "Server hello";
#ifdef SSL3_MT_NEWSESSION_TICKET
case SSL3_MT_NEWSESSION_TICKET:
return "Newsession Ticket";
#endif
case SSL3_MT_CERTIFICATE:
return "Certificate";
case SSL3_MT_SERVER_KEY_EXCHANGE:
@ -2130,10 +2137,9 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex)
else {
/* untreated error */
unsigned long errdetail;
char error_buffer[256]; /* OpenSSL documents that this must be at least
256 bytes long. */
char error_buffer[256]=""; /* OpenSSL documents that this must be at
least 256 bytes long. */
CURLcode result;
const char *cert_problem = NULL;
long lerr;
connssl->connecting_state = ssl_connect_2; /* the connection failed,
@ -2165,9 +2171,10 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex)
X509_verify_cert_error_string(lerr));
}
else
cert_problem = "SSL certificate problem, verify that the CA cert is"
" OK.";
/* strcpy() is fine here as long as the string fits within
error_buffer */
strcpy(error_buffer,
"SSL certificate problem, check your CA cert");
break;
default:
result = CURLE_SSL_CONNECT_ERROR;
@ -2188,7 +2195,7 @@ static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex)
}
/* Could be a CERT problem */
failf(data, "%s%s", cert_problem ? cert_problem : "", error_buffer);
failf(data, "%s", error_buffer);
return result;
}

281
lib/vtls/schannel.c
View File

@ -268,6 +268,10 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
infof(data, "schannel: sent initial handshake data: "
"sent %zd bytes\n", written);
connssl->recv_unrecoverable_err = CURLE_OK;
connssl->recv_sspi_close_notify = false;
connssl->recv_connection_closed = false;
/* continue to second handshake step */
connssl->connecting_state = ssl_connect_2;
@ -300,6 +304,17 @@ schannel_connect_step2(struct connectdata *conn, int sockindex)
if(!connssl->cred || !connssl->ctxt)
return CURLE_SSL_CONNECT_ERROR;
/* buffer to store previously received and decrypted data */
if(connssl->decdata_buffer == NULL) {
connssl->decdata_offset = 0;
connssl->decdata_length = CURL_SCHANNEL_BUFFER_INIT_SIZE;
connssl->decdata_buffer = malloc(connssl->decdata_length);
if(connssl->decdata_buffer == NULL) {
failf(data, "schannel: unable to allocate memory");
return CURLE_OUT_OF_MEMORY;
}
}
/* buffer to store previously received and encrypted data */
if(connssl->encdata_buffer == NULL) {
connssl->encdata_offset = 0;
@ -403,6 +418,17 @@ schannel_connect_step2(struct connectdata *conn, int sockindex)
return CURLE_OK;
}
/* If the server has requested a client certificate, attempt to continue
the handshake without one. This will allow connections to servers which
request a client certificate but do not require it. */
if(sspi_status == SEC_I_INCOMPLETE_CREDENTIALS &&
!(connssl->req_flags & ISC_REQ_USE_SUPPLIED_CREDS)) {
connssl->req_flags |= ISC_REQ_USE_SUPPLIED_CREDS;
connssl->connecting_state = ssl_connect_2_writing;
infof(data, "schannel: a client certificate has been requested\n");
return CURLE_OK;
}
/* check if the handshake needs to be continued */
if(sspi_status == SEC_I_CONTINUE_NEEDED || sspi_status == SEC_E_OK) {
for(i = 0; i < 3; i++) {
@ -823,8 +849,7 @@ schannel_recv(struct connectdata *conn, int sockindex,
char *buf, size_t len, CURLcode *err)
{
size_t size = 0;
ssize_t nread = 0;
CURLcode result;
ssize_t nread = -1;
struct SessionHandle *data = conn->data;
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
unsigned char *reallocated_buffer;
@ -833,72 +858,103 @@ schannel_recv(struct connectdata *conn, int sockindex,
SecBuffer inbuf[4];
SecBufferDesc inbuf_desc;
SECURITY_STATUS sspi_status = SEC_E_OK;
/* we want the length of the encrypted buffer to be at least large enough
that it can hold all the bytes requested and some TLS record overhead. */
size_t min_encdata_length = len + CURL_SCHANNEL_BUFFER_FREE_SIZE;
/****************************************************************************
* Don't return or set connssl->recv_unrecoverable_err unless in the cleanup.
* The pattern for return error is set *err, optional infof, goto cleanup.
*
* Our priority is to always return as much decrypted data to the caller as
* possible, even if an error occurs. The state of the decrypted buffer must
* always be valid. Transfer of decrypted data to the caller's buffer is
* handled in the cleanup.
*/
infof(data, "schannel: client wants to read %zu bytes\n", len);
*err = CURLE_OK;
/* buffer to store previously received and decrypted data */
if(connssl->decdata_buffer == NULL) {
connssl->decdata_offset = 0;
connssl->decdata_length = CURL_SCHANNEL_BUFFER_INIT_SIZE;
connssl->decdata_buffer = malloc(connssl->decdata_length);
if(connssl->decdata_buffer == NULL) {
failf(data, "schannel: unable to allocate memory");
*err = CURLE_OUT_OF_MEMORY;
return -1;
}
if(len && len <= connssl->decdata_offset) {
infof(data, "schannel: enough decrypted data is already available\n");
goto cleanup;
}
else if(connssl->recv_unrecoverable_err) {
*err = connssl->recv_unrecoverable_err;
infof(data, "schannel: an unrecoverable error occurred in a prior call\n");
goto cleanup;
}
else if(connssl->recv_sspi_close_notify) {
/* once a server has indicated shutdown there is no more encrypted data */
infof(data, "schannel: server indicated shutdown in a prior call\n");
goto cleanup;
}
else if(!len) {
/* It's debatable what to return when !len. Regardless we can't return
immediately because there may be data to decrypt (in the case we want to
decrypt all encrypted cached data) so handle !len later in cleanup.
*/
; /* do nothing */
}
else if(!connssl->recv_connection_closed) {
/* increase enc buffer in order to fit the requested amount of data */
size = connssl->encdata_length - connssl->encdata_offset;
if(size < CURL_SCHANNEL_BUFFER_FREE_SIZE ||
connssl->encdata_length < min_encdata_length) {
reallocated_length = connssl->encdata_offset +
CURL_SCHANNEL_BUFFER_FREE_SIZE;
if(reallocated_length < min_encdata_length) {
reallocated_length = min_encdata_length;
}
reallocated_buffer = realloc(connssl->encdata_buffer,
reallocated_length);
if(reallocated_buffer == NULL) {
*err = CURLE_OUT_OF_MEMORY;
failf(data, "schannel: unable to re-allocate memory");
goto cleanup;
}
/* increase buffer in order to fit the requested amount of data */
if(connssl->encdata_length - connssl->encdata_offset <
CURL_SCHANNEL_BUFFER_FREE_SIZE || connssl->encdata_length < len) {
/* increase internal encrypted data buffer */
reallocated_length = connssl->encdata_offset +
CURL_SCHANNEL_BUFFER_FREE_SIZE;
/* make sure that the requested amount of data fits */
if(reallocated_length < len) {
reallocated_length = len;
}
reallocated_buffer = realloc(connssl->encdata_buffer,
reallocated_length);
if(reallocated_buffer == NULL) {
failf(data, "schannel: unable to re-allocate memory");
*err = CURLE_OUT_OF_MEMORY;
return -1;
}
else {
connssl->encdata_buffer = reallocated_buffer;
connssl->encdata_length = reallocated_length;
size = connssl->encdata_length - connssl->encdata_offset;
infof(data, "schannel: encdata_buffer resized %zu\n",
connssl->encdata_length);
}
}
/* read encrypted data from socket */
infof(data, "schannel: encrypted data buffer: offset %zu length %zu\n",
connssl->encdata_offset, connssl->encdata_length);
size = connssl->encdata_length - connssl->encdata_offset;
if(size > 0) {
infof(data, "schannel: encrypted data buffer: offset %zu length %zu\n",
connssl->encdata_offset, connssl->encdata_length);
/* read encrypted data from socket */
*err = Curl_read_plain(conn->sock[sockindex],
(char *) (connssl->encdata_buffer +
connssl->encdata_offset),
(char *)(connssl->encdata_buffer +
connssl->encdata_offset),
size, &nread);
/* check for received data */
if(*err != CURLE_OK) {
return -1;
if(*err) {
nread = -1;
if(*err == CURLE_AGAIN)
infof(data, "schannel: Curl_read_plain returned CURLE_AGAIN\n");
else if(*err == CURLE_RECV_ERROR)
infof(data, "schannel: Curl_read_plain returned CURLE_RECV_ERROR\n");
else
infof(data, "schannel: Curl_read_plain returned error %d\n", *err);
}
else if(nread == 0) {
connssl->recv_connection_closed = true;
infof(data, "schannel: server closed the connection\n");
}
else if(nread > 0) {
/* increase encrypted data buffer offset */
connssl->encdata_offset += nread;
connssl->encdata_offset += (size_t)nread;
infof(data, "schannel: encrypted data got %zd\n", nread);
}
infof(data, "schannel: encrypted data got %zd\n", nread);
}
infof(data, "schannel: encrypted data buffer: offset %zu length %zu\n",
connssl->encdata_offset, connssl->encdata_length);
/* check if we still have some data in our buffers */
/* decrypt loop */
while(connssl->encdata_offset > 0 && sspi_status == SEC_E_OK &&
connssl->decdata_offset < len) {
(!len || connssl->decdata_offset < len ||
connssl->recv_connection_closed)) {
/* prepare data buffer for DecryptMessage call */
InitSecBuffer(&inbuf[0], SECBUFFER_DATA, connssl->encdata_buffer,
curlx_uztoul(connssl->encdata_offset));
@ -913,13 +969,6 @@ schannel_recv(struct connectdata *conn, int sockindex,
sspi_status = s_pSecFn->DecryptMessage(&connssl->ctxt->ctxt_handle,
&inbuf_desc, 0, NULL);
/* check if we need more data */
if(sspi_status == SEC_E_INCOMPLETE_MESSAGE) {
infof(data, "schannel: failed to decrypt data, need more data\n");
*err = CURLE_AGAIN;
return -1;
}
/* check if everything went fine (server may want to renegotiate
or shutdown the connection context) */
if(sspi_status == SEC_E_OK || sspi_status == SEC_I_RENEGOTIATE ||
@ -932,7 +981,7 @@ schannel_recv(struct connectdata *conn, int sockindex,
/* increase buffer in order to fit the received amount of data */
size = inbuf[1].cbBuffer > CURL_SCHANNEL_BUFFER_FREE_SIZE ?
inbuf[1].cbBuffer : CURL_SCHANNEL_BUFFER_FREE_SIZE;
inbuf[1].cbBuffer : CURL_SCHANNEL_BUFFER_FREE_SIZE;
if(connssl->decdata_length - connssl->decdata_offset < size ||
connssl->decdata_length < len) {
/* increase internal decrypted data buffer */
@ -943,21 +992,18 @@ schannel_recv(struct connectdata *conn, int sockindex,
}
reallocated_buffer = realloc(connssl->decdata_buffer,
reallocated_length);
if(reallocated_buffer == NULL) {
failf(data, "schannel: unable to re-allocate memory");
*err = CURLE_OUT_OF_MEMORY;
return -1;
}
else {
connssl->decdata_buffer = reallocated_buffer;
connssl->decdata_length = reallocated_length;
failf(data, "schannel: unable to re-allocate memory");
goto cleanup;
}
connssl->decdata_buffer = reallocated_buffer;
connssl->decdata_length = reallocated_length;
}
/* copy decrypted data to internal buffer */
size = inbuf[1].cbBuffer;
if(size > 0) {
if(size) {
memcpy(connssl->decdata_buffer + connssl->decdata_offset,
inbuf[1].pvBuffer, size);
connssl->decdata_offset += size;
@ -996,56 +1042,117 @@ schannel_recv(struct connectdata *conn, int sockindex,
/* check if server wants to renegotiate the connection context */
if(sspi_status == SEC_I_RENEGOTIATE) {
infof(data, "schannel: remote party requests renegotiation\n");
if(*err && *err != CURLE_AGAIN) {
infof(data, "schannel: can't renogotiate, an error is pending\n");
goto cleanup;
}
if(connssl->encdata_offset) {
*err = CURLE_RECV_ERROR;
infof(data, "schannel: can't renogotiate, "
"encrypted data available\n");
goto cleanup;
}
/* begin renegotiation */
infof(data, "schannel: renegotiating SSL/TLS connection\n");
connssl->state = ssl_connection_negotiating;
connssl->connecting_state = ssl_connect_2_writing;
result = schannel_connect_common(conn, sockindex, FALSE, &done);
if(result)
*err = result;
else {
infof(data, "schannel: SSL/TLS connection renegotiated\n");
/* now retry receiving data */
return schannel_recv(conn, sockindex, buf, len, err);
*err = schannel_connect_common(conn, sockindex, FALSE, &done);
if(*err) {
infof(data, "schannel: renegotiation failed\n");
goto cleanup;
}
/* now retry receiving data */
sspi_status = SEC_E_OK;
infof(data, "schannel: SSL/TLS connection renegotiated\n");
continue;
}
/* check if the server closed the connection */
else if(sspi_status == SEC_I_CONTEXT_EXPIRED) {
/* In Windows 2000 SEC_I_CONTEXT_EXPIRED (close_notify) is not
returned so we have to work around that in cleanup. */
connssl->recv_sspi_close_notify = true;
if(!connssl->recv_connection_closed) {
connssl->recv_connection_closed = true;
infof(data, "schannel: server closed the connection\n");
}
goto cleanup;
}
}
else if(sspi_status == SEC_E_INCOMPLETE_MESSAGE) {
if(!*err)
*err = CURLE_AGAIN;
infof(data, "schannel: failed to decrypt data, need more data\n");
goto cleanup;
}
else {
/* something went wrong and we need to return an error */
*err = CURLE_RECV_ERROR;
infof(data, "schannel: failed to read data from server: %s\n",
Curl_sspi_strerror(conn, sspi_status));
*err = CURLE_RECV_ERROR;
return -1;
goto cleanup;
}
}
infof(data, "schannel: encrypted data buffer: offset %zu length %zu\n",
connssl->encdata_offset, connssl->encdata_length);
infof(data, "schannel: decrypted data buffer: offset %zu length %zu\n",
connssl->decdata_offset, connssl->decdata_length);
/* copy requested decrypted data to supplied buffer */
size = len < connssl->decdata_offset ? len : connssl->decdata_offset;
if(size > 0) {
memcpy(buf, connssl->decdata_buffer, size);
cleanup:
/* Warning- there is no guarantee the encdata state is valid at this point */
infof(data, "schannel: schannel_recv cleanup\n");
/* move remaining decrypted data forward to the beginning of buffer */
/* Error if the connection has closed without a close_notify.
Behavior here is a matter of debate. We don't want to be vulnerable to a
truncation attack however there's some browser precedent for ignoring the
close_notify for compatibility reasons.
Additionally, Windows 2000 (v5.0) is a special case since it seems it doesn't
return close_notify. In that case if the connection was closed we assume it
was graceful (close_notify) since there doesn't seem to be a way to tell.
*/
if(len && !connssl->decdata_offset && connssl->recv_connection_closed &&
!connssl->recv_sspi_close_notify) {
DWORD winver_full, winver_major, winver_minor;
winver_full = GetVersion();
winver_major = (DWORD)(LOBYTE(LOWORD(winver_full)));
winver_minor = (DWORD)(HIBYTE(LOWORD(winver_full)));
if(winver_major == 5 && winver_minor == 0 && sspi_status == SEC_E_OK)
connssl->recv_sspi_close_notify = true;
else {
*err = CURLE_RECV_ERROR;
infof(data, "schannel: server closed abruptly (missing close_notify)\n");
}
}
/* Any error other than CURLE_AGAIN is an unrecoverable error. */
if(*err && *err != CURLE_AGAIN)
connssl->recv_unrecoverable_err = *err;
size = len < connssl->decdata_offset ? len : connssl->decdata_offset;
if(size) {
memcpy(buf, connssl->decdata_buffer, size);
memmove(connssl->decdata_buffer, connssl->decdata_buffer + size,
connssl->decdata_offset - size);
connssl->decdata_offset -= size;
infof(data, "schannel: decrypted data returned %zd\n", size);
infof(data, "schannel: decrypted data returned %zu\n", size);
infof(data, "schannel: decrypted data buffer: offset %zu length %zu\n",
connssl->decdata_offset, connssl->decdata_length);
}
/* check if the server closed the connection, */
/* including special check for Windows 2000 Professional */
else if(sspi_status == SEC_I_CONTEXT_EXPIRED || (sspi_status == SEC_E_OK &&
connssl->encdata_offset && connssl->encdata_buffer[0] == 0x15)) {
infof(data, "schannel: server closed the connection\n");
*err = CURLE_OK;
return (ssize_t)size;
}
return size;
if(!*err && !connssl->recv_connection_closed)
*err = CURLE_AGAIN;
/* It's debatable what to return when !len. We could return whatever error we
got from decryption but instead we override here so the return is consistent.
*/
if(!len)
*err = CURLE_OK;
return *err ? -1 : 0;
}
CURLcode

1
lib/vtls/schannel.h
View File

@ -72,6 +72,7 @@
#define SECBUFFER_ALERT 17
#endif
/* Both schannel buffer sizes must be > 0 */
#define CURL_SCHANNEL_BUFFER_INIT_SIZE 4096
#define CURL_SCHANNEL_BUFFER_FREE_SIZE 1024

9
m4/curl-openssl.m4
View File

@ -67,6 +67,7 @@ AC_DEFUN([CURL_CHECK_OPENSSL_API_HEADERS], [
esac
case $tst_api in
0x110) tst_show="1.1.0" ;;
0x102) tst_show="1.0.2" ;;
0x101) tst_show="1.0.1" ;;
0x100) tst_show="1.0.0" ;;
0x099) tst_show="0.9.9" ;;
@ -138,6 +139,13 @@ AC_DEFUN([CURL_CHECK_OPENSSL_API_LIBRARY], [
;;
esac
fi
if test "$tst_api" = "unknown"; then
AC_LINK_IFELSE([
AC_LANG_FUNC_LINK_TRY([SSL_CONF_CTX_new])
],[
tst_api="0x102"
])
fi
if test "$tst_api" = "unknown"; then
AC_LINK_IFELSE([
AC_LANG_FUNC_LINK_TRY([SSL_renegotiate_abbreviated])
@ -210,6 +218,7 @@ AC_DEFUN([CURL_CHECK_OPENSSL_API_LIBRARY], [
fi
case $tst_api in
0x110) tst_show="1.1.0" ;;
0x102) tst_show="1.0.2" ;;
0x101) tst_show="1.0.1" ;;
0x100) tst_show="1.0.0" ;;
0x099) tst_show="0.9.9" ;;

9
projects/README
View File

@ -110,6 +110,15 @@ Notes
stored in the git repositoty) will need to be modified rather than the
generated project files that Visual Studio uses.
Legacy Windows and SSL
======================
Some of the project configurations use as an SSL backend WinSSL (Windows SSPI,
more specifically Schannel), the native SSL library that comes with the Windows
OS. WinSSL in Windows <= XP is not able to connect to servers that no longer
support the legacy handshakes and algorithms used by those versions. If you
will be using curl in one of those earlier versions of Windows you should
choose another SSL backend like OpenSSL.
TODO
====

4
src/tool_getparam.c
View File

@ -158,12 +158,10 @@ static const struct LongShort aliases[]= {
{"$3", "keepalive-time", TRUE},
{"$4", "post302", FALSE},
{"$5", "noproxy", TRUE},
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
{"$6", "socks5-gssapi-service", TRUE},
{"$7", "socks5-gssapi-nec", FALSE},
{"$O", "proxy-service-name", TRUE},
{"$P", "service-name", TRUE},
#endif
{"$8", "proxy1.0", TRUE},
{"$9", "tftp-blksize", TRUE},
{"$A", "mail-from", TRUE},
@ -898,7 +896,6 @@ ParameterError getparameter(char *flag, /* f or -long-flag */
/* This specifies the noproxy list */
GetStr(&config->noproxy, nextarg);
break;
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
case '6': /* --socks5-gssapi-service */
GetStr(&config->socks5_gssapi_service, nextarg);
break;
@ -911,7 +908,6 @@ ParameterError getparameter(char *flag, /* f or -long-flag */
case 'P': /* --service-name */
GetStr(&config->service_name, nextarg);
break;
#endif
case '8': /* --proxy1.0 */
/* http 1.0 proxy */
GetStr(&config->proxy, nextarg);

6
src/tool_help.c
View File

@ -174,10 +174,8 @@ static const char *const helptext[] = {
" --proxy-negotiate "
"Use HTTP Negotiate (SPNEGO) authentication on the proxy (H)",
" --proxy-ntlm Use NTLM authentication on the proxy (H)",
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
" --proxy-service-name NAME SPNEGO proxy service name",
" --service-name NAME SPNEGO service name",
#endif
" -U, --proxy-user USER[:PASSWORD] Proxy user and password",
" --proxy1.0 HOST[:PORT] Use HTTP/1.0 proxy on given port",
" -p, --proxytunnel Operate through a HTTP proxy tunnel (using CONNECT)",
@ -206,10 +204,8 @@ static const char *const helptext[] = {
" --socks5 HOST[:PORT] SOCKS5 proxy on given host + port",
" --socks5-hostname HOST[:PORT] "
"SOCKS5 proxy, pass host name to proxy",
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
" --socks5-gssapi-service NAME SOCKS5 proxy service name for GSS-API",
" --socks5-gssapi-nec Compatibility with NEC SOCKS5 server",
#endif
" -Y, --speed-limit RATE "
"Stop transfers below RATE for 'speed-time' secs",
" -y, --speed-time SECONDS "
@ -224,7 +220,7 @@ static const char *const helptext[] = {
" -t, --telnet-option OPT=VAL Set telnet option",
" --tftp-blksize VALUE Set TFTP BLKSIZE option (must be >512)",
" -z, --time-cond TIME Transfer based on a time condition",
" -1, --tlsv1 Use => TLSv1 (SSL)",
" -1, --tlsv1 Use >= TLSv1 (SSL)",
" --tlsv1.0 Use TLSv1.0 (SSL)",
" --tlsv1.1 Use TLSv1.1 (SSL)",
" --tlsv1.2 Use TLSv1.2 (SSL)",

38
src/tool_operate.c
View File

@ -1204,32 +1204,26 @@ static CURLcode operate_do(struct GlobalConfig *global,
my_setopt_enum(curl, CURLOPT_FTP_SSL_CCC,
(long)config->ftp_ssl_ccc_mode);
#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
{
/* TODO: Make this a run-time check instead of compile-time one. */
/* new in curl 7.19.4 */
if(config->socks5_gssapi_service)
my_setopt_str(curl, CURLOPT_SOCKS5_GSSAPI_SERVICE,
config->socks5_gssapi_service);
/* new in curl 7.19.4 */
if(config->socks5_gssapi_service)
my_setopt_str(curl, CURLOPT_SOCKS5_GSSAPI_SERVICE,
config->socks5_gssapi_service);
/* new in curl 7.19.4 */
if(config->socks5_gssapi_nec)
my_setopt_str(curl, CURLOPT_SOCKS5_GSSAPI_NEC,
config->socks5_gssapi_nec);
/* new in curl 7.19.4 */
if(config->socks5_gssapi_nec)
my_setopt_str(curl, CURLOPT_SOCKS5_GSSAPI_NEC,
config->socks5_gssapi_nec);
/* new in curl 7.43.0 */
if(config->proxy_service_name)
my_setopt_str(curl, CURLOPT_PROXY_SERVICE_NAME,
config->proxy_service_name);
/* new in curl 7.43.0 */
if(config->proxy_service_name)
my_setopt_str(curl, CURLOPT_PROXY_SERVICE_NAME,
config->proxy_service_name);
/* new in curl 7.43.0 */
if(config->service_name)
my_setopt_str(curl, CURLOPT_SERVICE_NAME,
config->service_name);
/* new in curl 7.43.0 */
if(config->service_name)
my_setopt_str(curl, CURLOPT_SERVICE_NAME,
config->service_name);
}
#endif
/* curl 7.13.0 */
my_setopt_str(curl, CURLOPT_FTP_ACCOUNT, config->ftp_account);

3
tests/data/Makefile.inc
View File

@ -165,4 +165,5 @@ test2000 test2001 test2002 test2003 test2004 test2005 test2006 test2007 \
test2008 test2009 test2010 test2011 test2012 test2013 test2014 test2015 \
test2016 test2017 test2018 test2019 test2020 test2021 test2022 test2023 \
test2024 test2025 test2026 test2027 test2028 test2029 test2030 test2031 \
test2032 test2033 test2034 test2035 test2036 test2037 test2038 test2039
test2032 test2033 test2034 test2035 test2036 test2037 test2038 test2039 \
test2040

3
tests/data/test1530
View File

@ -9,6 +9,9 @@ CURLOPT_OPENSOCKETFUNCTION
<server>
none
</server>
<features>
http
</features>
<tool>
lib1530
</tool>

69
tests/data/test2040 Normal file
View File

@ -0,0 +1,69 @@
<testcase>
<info>
<keywords>
HTTP
HTTP GET
HTTP Basic auth
</keywords>
</info>
# Server-side
<reply>
<!-- First request has Basic auth, right password -->
<data100>
HTTP/1.1 200 Things are fine in server land
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 32
Finally, this is the real page!
</data100>
<!-- Second request with Basic auth disabled -->
<data200>
HTTP/1.1 401 Sorry wrong password (2)
Server: Microsoft-IIS/5.0
Content-Type: text/html; charset=iso-8859-1
Content-Length: 29
WWW-Authenticate: Basic realm="testrealm"
This is a bad password page!
</data200>
</reply>
# Client-side
<client>
<server>
http
</server>
<name>
HTTP Basic authorization, then without authorization
</name>
<command option="no-output,no-include">
-u testuser:testpass http://%HOSTIP:%HTTPPORT/20400100 --next --no-basic http://%HOSTIP:%HTTPPORT/20400200
</command>
</client>
# Verify data after the test has been "shot"
<verify>
<strip>
^User-Agent:.*
</strip>
<protocol>
GET /20400100 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
Accept: */*
GET /20400200 HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Accept: */*
</protocol>
<stdout>
Finally, this is the real page!
This is a bad password page!
</stdout>
</verify>
</testcase>

13
winbuild/BUILD.WINDOWS.txt
View File

@ -1,5 +1,5 @@
Building with Visual C++, prerequises
=====================================
Building with Visual C++, prerequisites
=======================================
This document describes how to compile, build and install curl and libcurl
from sources using the Visual C++ build tool. To build with VC++, you will
@ -87,3 +87,12 @@ therefore rarely tested. When passing RTLIBCFG for a configuration that was
already built but not with that option, or if the option was specified
differently, you must destroy the build directory containing the configuration
so that nmake can build it from scratch.
Legacy Windows and SSL
======================
When you build curl using the build files in this directory the default SSL
backend will be WinSSL (Windows SSPI, more specifically Schannel), the native
SSL library that comes with the Windows OS. WinSSL in Windows <= XP is not able
to connect to servers that no longer support the legacy handshakes and
algorithms used by those versions. If you will be using curl in one of those
earlier versions of Windows you should choose another SSL backend like OpenSSL.